MIST 356 Exam 2

1.

1 point

A ________ attack is when a webserver is flooded with application layer web requests.

HTTP flood

Ping flood

None of the above

SYN flood

2.

1 point

The original 802.11 core security protocol, ________, was deeply flawed.

WPA

WEP

None of the above. The original core protocol was NOT deeply flawed.

802.11i

3.

1 point

In Kerberos, the ________ is the supplicant's proof that it has already authenticated itself with the Kerberos Server.

Neither A nor B

Both A and B

service ticket

ticket granting ticket

4.

1 point

________ security uses 128-bit AES encryption for confidentiality and AES-CCMP for automatic rekeying.

802.11i

WEP

None of the above

WPA

5.

1 point

2) In regards to network security, ________ means preventing unauthorized users from gaining information about the network structure, data flowing across the network, network protocols used, or packet header values.

confidentiality

availability

integrity

authentication

6.

1 point

________ is/are effective method(s) to preventing ARP poisoning attacks.

Static tables

Both A and B

Limiting local access

Neither A nor B

7.

1 point

In the military, departments do not have the ability to alter access control rules set by higher authorities in ________.

discretionary access control

policy-based access control

mandatory access control

multilevel access control

8.

1 point

Which of the following is one of the four bases for authentication credentials?

what you know

Neither A nor B

Both A and B

what you have

9.

1 point

________ is the process of collecting information about the activities of each individual in log files for immediate and later analysis.

Authentication

Authorizations

Auditing

Accuracy

10.

1 point

Most central authentication servers are governed by the ________ standard.

EAP

802.1X

RADIUS

IPsec

11.

1 point

CAs distribute public keys ________.

Neither A nor B

in digital certificates

only in ways using encryption for confidentiality

Both A and B

12.

1 point

Which of the following is an example of a wireless attack?

wireless DOS attacks

All of the above

unauthorized network access

man-in-the-middle attack using an evil twin

13.

1 point

________ is one method of thwarting DoS attacks by dropping all IP packets from an attacker.

P2P redirect

None of the above

Black holing

ICMP echo

14.

1 point

Giving a user permissions to use a certain resource is ________.

Both A and B

authorization

authentication

Neither A nor B

15.

1 point

An attacker controlling bots in a coordinated attack against a victim is known as a ________.

None of the above.

DDoS attack

DoS attack

ICMP

16.

1 point

Which of the following statements accurately describes fingerprint recognition?

fingerprint recognition is rarely used

fingerprint recognition scanners are very expensive

All of the above

fingerprint recognition is easily deceived

17.

1 point

A ________ attack is when a victim is flooded with SYN packets in an attempt to make many half-open TCP connections.

Ping flood

SYN flood

None of the above

HTTP flood

18.

1 point

Hand geometry recognition is used heavily for ________.

server access

PC access

door access

watch list access

19.

1 point

Microsoft's directory server product is ________.

Active Directory

Kerberos

LDAP

MS Directory

20.

1 point

Iris recognition technology is ________ and ________.

expensive, has low FARs

inexpensive, has low FARs

expensive, has high FARs

inexpensive, has high FARs

21.

1 point

________ is the process of assessing the identity of each individual claiming to have permission to use a resource.

Accuracy

Auditing

Authorizations

Authentication

22.

1 point

If Directory Server A trusts Directory Server B, Directory Server B trusts Directory Server C, and Directory Server A trusts Directory Server C, this is ________ trust.

one-way

transitive

intransitive

mutual

23.

1 point

________ is the centralized policy-based management of all information required for access to corporate systems by people, machines, programs, or other resources.

Identity management

Meta-directory service

Meta-identity management

Directory service

24.

1 point

________ is a good option if an attack is aimed at a single server because it keeps transmission lines at least partially open for other communication.

Black holing

Rate limiting

False open

None of the above

25.

1 point

Ensuring network ________ means that authorized users have access to information, services, and network resources.

confidentiality

integrity

availability

authentication

26.

1 point

________ are an additional layer of compromised hosts that are used to manage large groups of bots.

Handlers

Botnets

Phatbots

None of the above

27.

1 point

________ is a social engineering trick where an intruder may follow an authorized user through a door that the authorized user opens with an access device.

Trailing

Shoulder surfing

Piggybacking

Shadowing

28.

1 point

For computer access, a false ________ means that a legitimate user is denied access to a resource.

Both A and B

rejection

acceptance

Neither A nor B

29.

1 point

________ is used by ________ for authentication.

Neither A nor B

EAP, RADUS

Both A and B

RADIUS, EAP

30.

1 point

________ are compromised hosts running malware controlled by the hacker.

ICMP

Bots

DDoS

None of the above