Question 1

H.323 uses Ports 1719 and 1720

Accepted Answer

A) True 
 B)False

Question 2

The prevention of sensitive information from being sent out of a company is called ________.

Accepted Answer

A)  unified threat management 
B)  antivirus filtering 
C)  attachment deletion 
D)  extrusion prevention 
A)  unified threat management 
B)  antivirus filtering 
C)  attachment deletion 
D)  extrusion prevention

Question 3

In a(n) ________ attack, information that a user enters is sent back to the user in a webpage.

Accepted Answer

A)  login screen bypass 
B)  buffer overflow 
C)  XSS 
D)  SQL injection attack 
A)  login screen bypass 
B)  buffer overflow 
C)  XSS 
D)  SQL injection attack

Question 4

If NAT changes the Layer 3 IP destination addresses, the protocol will still work properly.

Accepted Answer

A) True 
 B)False

Question 5

In a URL, ".." (without the quotes) means ________.

Accepted Answer

A)  move one directory up 
B)  move one directory down 
C)  move to the operating system's root directory 
D)  ignore the last entry 
A)  move one directory up 
B)  move one directory down 
C)  move to the operating system's root directory 
D)  ignore the last entry

Question 6

To prevent eavesdropping, applications should ________.

Accepted Answer

A)  be updating regularly 
B)  use electronic signatures 
C)  use encryption for confidentiality 
D)  use encryption for authentication 
A)  be updating regularly 
B)  use electronic signatures 
C)  use encryption for confidentiality 
D)  use encryption for authentication

Question 7

DNS, DHCP, and LDAP are examples of supervisory protocols in TCP/IP.

Accepted Answer

A) True 
 B)False

Question 8

RTP stands for ________.

Accepted Answer

A)  Real Transfer Protocol 
B)  Real Time Protocol 
C)  Real Transport Protocol 
D)  None of the above 
A)  Real Transfer Protocol 
B)  Real Time Protocol 
C)  Real Transport Protocol 
D)  None of the above

Question 9

Which of the following is the most dangerous because it can do more on a computer when it is executed?

Accepted Answer

A)  Active-X 
B)  Java 
C)  Javascript 
D)  VBscript 
A)  Active-X 
B)  Java 
C)  Javascript 
D)  VBscript

Question 10

Java applets are large Java programs.

Accepted Answer

A) True 
 B)False

Question 11

Someone breaks into a corporate VoIP system to place free long-distance and international toll calls. This is referred to by security professionals as ________.

Accepted Answer

A)  toll fraud 
B)  VoIP hacking 
C)  phone phreaking 
D)  blue boxing 
A)  toll fraud 
B)  VoIP hacking 
C)  phone phreaking 
D)  blue boxing

Question 12

Which version of SNMP allows the manager to have a different shared secret with each agent?

Accepted Answer

A)  Version 1 
B)  Version 2 
C)  Version 3 
D)  All of the above 
A)  Version 1 
B)  Version 2 
C)  Version 3 
D)  All of the above

Question 13

PKI uses circles of trust.

Accepted Answer

A) True 
 B)False

Question 14

Operating system account passwords provide limited protection.

Accepted Answer

A) True 
 B)False

Question 15

When securing application configuration settings, default password settings should not be changed.

Accepted Answer

A) True 
 B)False

Question 16

Skype can decrypt and read user traffic.

Accepted Answer

A) True 
 B)False

Question 17

SIP proxy servers are used in ________.

Accepted Answer

A)  transport transmissions 
B)  signaling transmissions 
C)  Both A and B 
D)  Neither A nor B 
A)  transport transmissions 
B)  signaling transmissions 
C)  Both A and B 
D)  Neither A nor B

Question 18

Companies are responsible for filtering sexually or racially harassing messages and can be sued for not doing so.

Accepted Answer

A) True 
 B)False

Question 19

Blind SQL injection uses a series of SQL statements that produce different responses based on true/false questions, or timed responses.

Accepted Answer

A) True 
 B)False

Question 20

In Internet Explorer, the Security tab controls the website's pop-up blocker.

Accepted Answer

A) True 
 B)False

H.323 uses Ports 1719 and 1720

The prevention of sensitive information from being sent out of a company is called ________.

In a(n) ________ attack, information that a user enters is sent back to the user in a webpage.

If NAT changes the Layer 3 IP destination addresses, the protocol will still work properly.

In a URL, ".." (without the quotes) means ________.

To prevent eavesdropping, applications should ________.

DNS, DHCP, and LDAP are examples of supervisory protocols in TCP/IP.

RTP stands for ________.

Which of the following is the most dangerous because it can do more on a computer when it is executed?

Java applets are large Java programs.

Someone breaks into a corporate VoIP system to place free long-distance and international toll calls. This is referred to by security professionals as ________.

Which version of SNMP allows the manager to have a different shared secret with each agent?

PKI uses circles of trust.

Operating system account passwords provide limited protection.

When securing application configuration settings, default password settings should not be changed.

Skype can decrypt and read user traffic.

SIP proxy servers are used in ________.

Companies are responsible for filtering sexually or racially harassing messages and can be sued for not doing so.

Blind SQL injection uses a series of SQL statements that produce different responses based on true/false questions, or timed responses.

In Internet Explorer, the Security tab controls the website's pop-up blocker.

The Threat Environment

Planning and Policy

Cryptography

Secure Networks

Access Control

Firewalls

Host Hardening

Data Protection

Incident and Disaster Response

Module A: Networking Concepts

Filters

Exam 8: Application Security

H.323 uses Ports 1719 and 1720

The prevention of sensitive information from being sent out of a company is called ________.

In a(n) ________ attack, information that a user enters is sent back to the user in a webpage.

If NAT changes the Layer 3 IP destination addresses, the protocol will still work properly.

In a URL, ".." (without the quotes) means ________.

To prevent eavesdropping, applications should ________.

DNS, DHCP, and LDAP are examples of supervisory protocols in TCP/IP.

RTP stands for ________.

Which of the following is the most dangerous because it can do more on a computer when it is executed?

Java applets are large Java programs.

Someone breaks into a corporate VoIP system to place free long-distance and international toll calls. This is referred to by security professionals as ________.

Which version of SNMP allows the manager to have a different shared secret with each agent?

PKI uses circles of trust.

Operating system account passwords provide limited protection.

When securing application configuration settings, default password settings should not be changed.

Skype can decrypt and read user traffic.

SIP proxy servers are used in ________.

Companies are responsible for filtering sexually or racially harassing messages and can be sued for not doing so.

Blind SQL injection uses a series of SQL statements that produce different responses based on true/false questions, or timed responses.

In Internet Explorer, the Security tab controls the website's pop-up blocker.

The Threat Environment

Planning and Policy

Cryptography

Secure Networks

Access Control

Firewalls

Host Hardening

Data Protection

Incident and Disaster Response

Module A: Networking Concepts

Filters