Which of the following statements about Microsoft's VPN client software is FALSE?
AThe VPN interface can be figured into the route table.
BThe VPN interface has the same IP address as the interface to the network it's been specified to protect.
CThe VPN client software is built into the Windows operating system.
DThe VPN tunnel appears as simply another adapter.
Which of the following quantifies the effects of a potential disaster over a period of time?
ARisk Assessment
BBusiness Impact Analysis
CDisaster Recovery Planning
DLessons Learned
With regard to defense-in-depth, which of the following statements about network design principles is correct?
AA secure network design requires that systems that have access to the Internet should not be accessible from the Internet and that systems accessible from the Internet should not have access to the Internet.
BA secure network design requires that networks utilize VLAN (Virtual LAN) implementations to insure that private and semi-public systems are unable to reach each other without going through a firewall.
CA secure network design will seek to provide an effective administrative structure by providing a single choke-point for the network from which all security controls and restrictions will be enforced.
DA secure network design will seek to separate resources by providing a security boundary between systems that have different network security requirements.
Which common firewall feature can be utilized to generate a forensic trail of evidence and to identify attack trends against your network?
ANAT
BState Table
CLogging
DContent filtering
Question 6
Defense in Depth
0
Question 7
Networking & Protocols
Question 8
Incident Handling & Response
Question 9
Windows as a Service
Question 10
Windows Access Controls
Question 11
Enforcing Windows Security Policy
Question 12
Windows Access Controls
Question 13
Cryptography
Question 14
Security Frameworks and CIS Controls
Question 15
Linux Security and Hardening
Question 16
Networking & Protocols
Question 17
Web Communication Security
Question 18
Defensible Network Architecture
Question 19
Cryptography Application
Question 20
Malicious Code & Exploit Mitigation
Question 21
Network Security Devices
Question 22
Cryptography Application
Question 23
Wireless Network Security
Question 24
Vulnerability Scanning and Penetration Testing
Question 25
Linux Fundamentals
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ad
Want a break from the ads?
Become a Supporter and enjoy a completely ad-free experience, plus unlock Learn Mode, Exam Mode, AstroTutor AI, and more.
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Ask AstroTutor
0
Your organization is developing a network protection plan. No single aspect of your network seems more important than any other. You decide to avoid separating your network into segments or categorizing the systems on the network. Each device on the network is essentially protected in the same manner as all other devices.
This style of defense-in-depth protection is best described as which of the following?
AUniform protection
BThreat-oriented
CInformation-centric
DProtected enclaves
When a packet leaving the network undergoes Network Address Translation (NAT), which of the following is changed?
ATCP Sequence Number
BSource address
CDestination port
DDestination address
Which of the following elements is the most important requirement to ensuring the success of a business continuity plan?
ADisaster Recover Plans
BAnticipating all relevant threats
CExecutive buy-in
DClearly defining roles and responsibilities
ETraining
Which of the following is a new Windows Server 2008 feature for the Remote Desktop Protocol (RDP)?
AThe ability to allow the administrator to choose a port other than the default RDP port (TCP 3389)
BThe ability to support connections from mobile devices like smart phones
CThe ability to allow clients to authenticate over TLS
DThe ability to allow clients to execute individual applications rather than using a terminal desktop
What is TRUE about Workgroups and Domain Controllers?
ABy default all computers running Windows 2008 can only form Domain Controllers not Workgroups
BWorkgroups are characterized by higher costs while Domain Controllers by lower costs
CYou cannot have stand-alone computers in the midst of other machines that are members of a domain
DWorkgroup computers cannot share resources, only computers running on the same domain can
EYou can have stand-alone computers in the midst of other machines that are members of a domain.
When are Group Policy Objects (GPOs) NOT applied automatically to workstations?
AAt 90-minute intervals
BAt logon
CEvery time Windows Explorer is launched
DAt boot-up
Which of the following would be a valid reason to use a Windows workgroup?
ALower initial cost
BSimplicity of single sign-on
CCentralized control
DConsistent permissions and rights
Which of the following is a characteristic of hash operations?
AAsymmetric
BNon-reversible
CSymmetric
DVariable length output
What is the discipline of establishing a known baseline and managing that condition known as?
ACondition deployment
BObservation discipline
CSecurity establishment
DConfiguration management
Which of the following Linux commands can change both the username and group name a file belongs to?
Achown
Bchgrp
Cchmod
Dnewgrp
What is the function of the TTL (Time to Live) field in IPv4 and the Hop Limit field in IPv6 In an IP Packet header?
AThese fields are decremented each time a packet is retransmitted to minimize the possibility of routing loops.
BThese fields are initialized to an initial value to prevent packet fragmentation and fragmentation attacks.
CThese fields are recalculated based on the required time for a packet to arrive at its destination.
DThese fields are incremented each time a packet is transmitted to indicate the number of routers that an IP packet has traversed.
While using Wire shark to investigate complaints of users being unable to login to a web application, you come across an HTTP POST submitted through your web application. The contents of the POST are listed below. Based on what you see below, which of the following would you recommend to prevent future damage to your database?
AUse ssh to prevent a denial of service attack
BSanitize user inputs to prevent injection attacks
CAuthenticate users to prevent hackers from using your database
DUse https to prevent hackers from inserting malware
Which of the following systems acts as a NAT device when utilizing VMware in NAT mode?
AGuest system
BLocal gateway
CHost system
DVirtual system
Which of the following choices accurately describes how PGP works when encrypting email?
APGP encrypts the message with the recipients public key, then encrypts this key with a random asymmetric key.
BPGP creates a random asymmetric key that it uses to encrypt the message, then encrypts this key with the recipient's public key
CPGP creates a random symmetric key that it uses to encrypt the message, then encrypts this key with the recipient's public key
DPGP encrypts the message with the recipients public key, then encrypts this key with a random symmetric key.
The previous system administrator at your company used to rely heavily on email lists, such as vendor lists and Bug Traq to get information about updates and patches. While a useful means of acquiring data, this requires time and effort to read through. In an effort to speed things up, you decide to switch to completely automated updates and patching. You set up your systems to automatically patch your production servers using a cron job and a scripted apt-get upgrade command. Of the following reasons, which explains why you may want to avoid this plan?
AThe apt-get upgrade command doesn't work with the cron command because of incompatibility
BRelying on vendor and 3rd party email lists enables updates via email, for even faster patching
CAutomated patching of production servers without prior testing may result in unexpected behavior or failures
DThe command apt-get upgrade is incorrect, you need to run the apt-get update command
Why are false positives such a problem with IPS technology?
AFile integrity is not guaranteed.
BMalicious code can get into the network.
CLegitimate services are not delivered.
DRules are often misinterpreted.
What are the two actions the receiver of a PGP email message can perform that allows establishment of trust between sender and receiver?
ADecode the message by decrypting the asymmetric key with his private key, then using the asymmetric key to decrypt the message.
BDecode the message by decrypting the symmetric key with his private key, then using the symmetric key to decrypt the message.
CDecode the message by decrypting the symmetric key with his public key, then using the symmetric key to decrypt the message.
DDecrypt the message by encrypting the digital signature with his private key, then using the digital signature to decrypt the message.
Which of the following radio frequencies is used by the IEEE 802.11a wireless network?
A3.7 GHz
B7.0 GHz
C2.4 GHz
D5.0 GHz
Mark works as a Network Administrator for NetTech Inc. The company has a Windows 2003 domain- based network. The network contains ten Windows 2003 member servers, 150 Windows XP Professional client computers. According to the company's security policy, Mark needs to check whether all the computers in the network have all available security updates and shared folders. He also needs to check the file system type on each computer's hard disk. Mark installs and runs MBSACLI.EXE with the appropriate switches on a server. Which of the following tasks will he accomplish?
ANone of the tasks will be accomplished.
BHe will be able to check the file system type on each computer's hard disk.
CHe will be able to accomplish all the tasks.
DHe will be able to check all available security updates and shared folders.
You work as a Network Administrator for Tech Perfect Inc. The company has a Linux-based network. You want to kill a process running on a Linux server. Which of the following commands will you use to know the process identification number (PID) of the process?
