Question 1

An IDS that compares observed activity with defined patterns is a

Accepted Answer

A)  Firewall 
B)  Signature-based IDS 
C)  Anomaly-based IDS 
D)  Protocol-state IDS 
A)  Firewall 
B)  Signature-based IDS 
C)  Anomaly-based IDS 
D)  Protocol-state IDS C

Question 2

Assessing the safety of a file using scores calculated from its observable attributes is called

Accepted Answer

A)  Reputation based end-point protection 
B)  Protocol-based end-point protection 
C)  Anomaly-based end-point protection 
D)  Signature-based end-point protection 
A)  Reputation based end-point protection 
B)  Protocol-based end-point protection 
C)  Anomaly-based end-point protection 
D)  Signature-based end-point protection A

Question 3

The merits of firewalls include all the following except

Accepted Answer

A)  Costs 
B)  Complexity 
C)  Wide availability 
D)  Vulnerability to poor configuration 
A)  Costs 
B)  Complexity 
C)  Wide availability 
D)  Vulnerability to poor configuration D

Question 4

PINs are useful in high security systems

Accepted Answer

A) True 
 B)False

Question 5

Password guessing is

Accepted Answer

A)  Passwords on the system known to unauthorized users 
B)  Acquiring passwords from storage, network transmission or user knowledge 
C)  Repeated attempts to authenticate using possible passwords 
D)  Generating character strings to match existing passwords 
A)  Passwords on the system known to unauthorized users 
B)  Acquiring passwords from storage, network transmission or user knowledge 
C)  Repeated attempts to authenticate using possible passwords 
D)  Generating character strings to match existing passwords

Question 6

An IDS that looks for specific sequences of bytes is a

Accepted Answer

A)  Firewall 
B)  Signature-based IDS 
C)  Anomaly-based IDS 
D)  Protocol-state IDS 
A)  Firewall 
B)  Signature-based IDS 
C)  Anomaly-based IDS 
D)  Protocol-state IDS

Question 7

End-point protection defends against attacks on

Accepted Answer

A)  Firewalls 
B)  Offices 
C)  Vehicles 
D)  Desktops 
A)  Firewalls 
B)  Offices 
C)  Vehicles 
D)  Desktops

Question 8

A firewall is

Accepted Answer

A)  A list of permissions attached to specified objects 
B)  The process of defining, implementing, and maintaining password policies throughout an enterprise 
C)  A form of protection that allows one network to connect to another network while maintaining some amount of protection 
D)  Passwords on the system known to unauthorized users 
A)  A list of permissions attached to specified objects 
B)  The process of defining, implementing, and maintaining password policies throughout an enterprise 
C)  A form of protection that allows one network to connect to another network while maintaining some amount of protection 
D)  Passwords on the system known to unauthorized users

Question 9

An IDS that compares observed events against defined activities for each protocol is a

Accepted Answer

A)  Firewall 
B)  Signature-based IDS 
C)  Anomaly-based IDS 
D)  Protocol-state IDS 
A)  Firewall 
B)  Signature-based IDS 
C)  Anomaly-based IDS 
D)  Protocol-state IDS

Question 10

Password cracking is

Accepted Answer

A)  Passwords on the system known to unauthorized users 
B)  Acquiring passwords from storage, network transmission or user knowledge 
C)  Repeated attempts to authenticate using possible passwords 
D)  Generating character strings to match existing passwords 
A)  Passwords on the system known to unauthorized users 
B)  Acquiring passwords from storage, network transmission or user knowledge 
C)  Repeated attempts to authenticate using possible passwords 
D)  Generating character strings to match existing passwords

Question 11

Considerations while prioritizing patches include all of the following except the

Accepted Answer

A)  Importance of the vulnerability 
B)  Importance of the system to be patched 
C)  Licensing costs 
D)  Dependencies with other patches 
A)  Importance of the vulnerability 
B)  Importance of the system to be patched 
C)  Licensing costs 
D)  Dependencies with other patches

Question 12

Password capturing is

Accepted Answer

A)  Passwords on the system known to unauthorized users 
B)  Acquiring passwords from storage, network transmission or user knowledge 
C)  Repeated attempts to authenticate using possible passwords 
D)  Generating character strings to match existing passwords 
A)  Passwords on the system known to unauthorized users 
B)  Acquiring passwords from storage, network transmission or user knowledge 
C)  Repeated attempts to authenticate using possible passwords 
D)  Generating character strings to match existing passwords

Question 13

Examining byte sequences in incoming and outgoing data is called

Accepted Answer

A)  Reputation based end-point protection 
B)  Protocol-based end-point protection 
C)  Anomaly-based end-point protection 
D)  Signature-based end-point protection 
A)  Reputation based end-point protection 
B)  Protocol-based end-point protection 
C)  Anomaly-based end-point protection 
D)  Signature-based end-point protection

Question 14

The de-militarized zone in the context of information security refers to

Accepted Answer

A)  The network that hosts external services such as email, web and DNS 
B)  The Internet 
C)  The internal corporate network 
D)  The organization's reception area 
A)  The network that hosts external services such as email, web and DNS 
B)  The Internet 
C)  The internal corporate network 
D)  The organization's reception area

Question 15

Patches should always be installed as soon as they become available

Accepted Answer

A) True 
 B)False

Question 16

Methods used by endpoint security software for recognizing malware include

Accepted Answer

A)  Reputations 
B)  Cracking 
C)  Certificates 
D)  Passwords 
A)  Reputations 
B)  Cracking 
C)  Certificates 
D)  Passwords

Question 17

Threats to passwords include

Accepted Answer

A)  Password guessing 
B)  Password capturing 
C)  Password replacing 
D)  All of the above 
A)  Password guessing 
B)  Password capturing 
C)  Password replacing 
D)  All of the above

Question 18

A PIN is

Accepted Answer

A)  A short numerical password 
B)  A sequences of words used as a password 
C)  An alpha-numeric phrase used for authentication 
D)  None of the above 
A)  A short numerical password 
B)  A sequences of words used as a password 
C)  An alpha-numeric phrase used for authentication 
D)  None of the above

Question 19

Compromised passwords is/ are

Accepted Answer

A)  Passwords on the system known to unauthorized users 
B)  Acquiring passwords from storage, network transmission or user knowledge 
C)  Repeated attempts to authenticate using possible passwords 
D)  Generating character strings to match existing passwords 
A)  Passwords on the system known to unauthorized users 
B)  Acquiring passwords from storage, network transmission or user knowledge 
C)  Repeated attempts to authenticate using possible passwords 
D)  Generating character strings to match existing passwords

Question 20

Password management is

Accepted Answer

A)  A list of permissions attached to specified objects 
B)  A form of protection that allows one network to connect to another network while maintaining some amount of protection 
C)  The process of defining, implementing, and maintaining password policies throughout an enterprise 
D)  Passwords on the system known to unauthorized users 
A)  A list of permissions attached to specified objects 
B)  A form of protection that allows one network to connect to another network while maintaining some amount of protection 
C)  The process of defining, implementing, and maintaining password policies throughout an enterprise 
D)  Passwords on the system known to unauthorized users

An IDS that compares observed activity with defined patterns is a

Assessing the safety of a file using scores calculated from its observable attributes is called

The merits of firewalls include all the following except

PINs are useful in high security systems

Password guessing is

An IDS that looks for specific sequences of bytes is a

End-point protection defends against attacks on

A firewall is

An IDS that compares observed events against defined activities for each protocol is a

Password cracking is

Considerations while prioritizing patches include all of the following except the

Password capturing is

Examining byte sequences in incoming and outgoing data is called

The de-militarized zone in the context of information security refers to

Patches should always be installed as soon as they become available

Methods used by endpoint security software for recognizing malware include

Threats to passwords include

A PIN is

Compromised passwords is/ are

Password management is

Introduction

System Administration

System Administration 2

Basic Information Security Model

Asset Identification and Characterization

Threats and Vulnerabilities

Encryption Controls

Identity and Access Management

Shell Scripting

Incident Handling

Incident Analysis

Policies, Standards and Guidelines

It Risk Analysis and Risk Management

Filters

Exam 9: Hardware and Software Controls

An IDS that compares observed activity with defined patterns is a

Assessing the safety of a file using scores calculated from its observable attributes is called

The merits of firewalls include all the following except

PINs are useful in high security systems

Password guessing is

An IDS that looks for specific sequences of bytes is a

End-point protection defends against attacks on

A firewall is

An IDS that compares observed events against defined activities for each protocol is a

Password cracking is

Considerations while prioritizing patches include all of the following except the

Password capturing is

Examining byte sequences in incoming and outgoing data is called

The de-militarized zone in the context of information security refers to

Patches should always be installed as soon as they become available

Methods used by endpoint security software for recognizing malware include

Threats to passwords include

A PIN is

Compromised passwords is/ are

Password management is

Introduction

System Administration

System Administration 2

Basic Information Security Model

Asset Identification and Characterization

Threats and Vulnerabilities

Encryption Controls

Identity and Access Management

Shell Scripting

Incident Handling

Incident Analysis

Policies, Standards and Guidelines

It Risk Analysis and Risk Management

Filters