NSTT Quizzes

1.

1 point

What are some disadvantages of a symmetric cryptosystem? (choose 2)

Symmetric crytosystems are slower

Cannot provide digital signatures that can be repudiated

With symmetric cryptosystems, encrypted data cannot be transferred on the link if there is a possibility that the data will be intercepted.

Symmetric cryptosystems have a problem of key transportation. The only secure way of exchanging keys would be exchanging them personally.

2.

1 point

Hash Functions:

Repeat the encryption algorithm several times, using unique keys

Accepts a variable sized message M as input and produces a fixed-sized tag H(M) as output.

Represents how a shared secret key is established between peers

Process plaintext in fixed-sized modules

3.

1 point

Which protocols comprise SSL? (choose 3)

Authentication

Encryption

Alert

Handshake

IP

Change Cipher Spec

4.

1 point

The IPSec Authentication Header(AH):

Does not provide data confidentiality of packets

Authenticates the inner IP packet and ESP header

Provides both encryption and authentication of the data payload

Represents how a shared secret key is established between peers

5.

1 point

Fa0/0 of a router is connected to the ISP. With the following reflexive ACLs:
ip access-list extended ReflectACL
permit ip any any reflect ReflectList
deny ip any any
ip access-list extended EvaluateACL
evaluate ReflectList
deny ip any any

What command will finish the placement on Fa0/0?

ip access-group EvaluateACL in

ip access-group ReflectList out

ip access-group EvaluateACL out

ip access-group ReflectList in

6.

1 point

A major AT&T communication station in San Francisco was:

'Tapped' by Search warrant served on AT&T

Discovered 'Tapped' by an AT&T engineer

'Tapped' by request of the NSA by AT&T

Not an AT&T station at all but an NSA station

7.

1 point

What can you do to reduce the risk of DoS attacks? (choose 3)

Run more VMs

Don't run servers close to capacity

set rules so servers stop responding to duplicate requests from the same IP within a given time frame

keep up to date on security patches

Upgrade the RAM

Upgrade the NIC

8.

1 point

Applications that require strong host authentication such as cryptographic do this at what layer?

9.

1 point

What are some advantages of an asymmetric cryptosystem? (choose 3)

Increased Security

Encrypted data can be transferred on the link even if there is a possibility that the data will be intercepted

Can provide digital signatures that can be repudiated

An asymmetric cryptosystem is faster.

There is no need for exchanging keys, thus eliminating the key distribution problem.

10.

1 point

The Spy Factory was a PBS presentation by:

Nova

Frontline

11.

1 point

What is the biggest data leakage challenge for organizations?

Data at rest

Data in motion

Data in use

12.

1 point

Block Ciphers:

Represents how a shared secret key is established between peers

Process plaintext in fixed-sized modules

Repeat the encryption algorithm several times, using unique keys

Accepts a variable sized message M as input and produces a fixed-sized tag H(M) as output.

13.

1 point

Osama Bin Laden's satellite phone transmissions were encrypted.

True

False

14.

1 point

Protecting or shielding one app from another is knows as
____________?

Application Security

App Protection

Sandboxing

App Shielding

15.

1 point

Fa0/0 of a router is connected to the ISP. With the following reflexive ACLs:
ip access-list extended ReflectACL
permit ip any any reflect ReflectList
deny ip any any
ip access-list extended EvaluateACL
evaluate ReflectList
deny ip any any

Fa0/0 of a router is connected to the ISP. Normally, the CBACs inspect should be placed on this interface.

IN

OUT

16.

1 point

- A ____ is a threat that appears to be a legitimate application but comes with an associated security risk / Is a risk that comes with the use of an application, even if the application can be used for legitimate purposes. (i.e. facebook or other messengers to help group collaboration.)

- Converting a known threat into an unknown threat (steve's addition to my quiz)

Trojan Threat

Spyware Threat

Masked Threat

Blended Threat

17.

1 point

Fa0/0 of a router is connected to the ISP. With the following reflexive ACLs:
ip access-list extended ReflectACL
permit ip any any reflect ReflectList
deny ip any any
ip access-list extended EvaluateACL
evaluate ReflectList
deny ip any any

What information is placed in the ReflectList ACL?

Depends on the reflect permit command

IP addresses and port numbers

IP addresses, port numbers, and session numbering

IP addresses, port numbers, session numbering, and timeout info

18.

1 point

Where does most mobile malware stem from?

Applications from websites that seem to be legitimate

Google Play / App Store (etc.)

Third party sites and markets

Emails and messages containing phishing attacks

19.

1 point

What are the main components of computer security? (choose 3)

Availability

Integrity

Encryption

Confidentiality

Concealment

Authentication

20.

1 point

Select a couple challenges facing organizations concerning security on mobile devices. (Choose 2)

Users generally do not read the acceptable use policy for use of a mobile device on company property.

Users hold greater weight on their own rights rather than employer's need for protection.

Users don't apply the same security to their mobile devices like they do with their PCs.

Users inherently believe their data is secure and confidential on a mobile device.

21.

1 point

What is not true about Site-to-Site VPNs?

They support a VPN client/server architecture

They enable organizations to use the internet infrastructure within ISPs and devices.

Upon receipt, the peer VPN gateway strips the headers, and relays the packet toward the target.

A VPN gateway is responsible for encapsulating outbound traffic

22.

1 point

What are some disadvantages of an asymmetric cryptosystem? (choose 2)

An asymmetric system needs to verify the authenticity of the public key

An asymmetric cryptosystem is slower.

Cannot provide digital signatures that can be repudiated

Asymmetric cryptosystems have a problem of key transportation. The only secure way of exchanging keys would be exchanging them personally.

23.

1 point

What are some advantages of a symmetric cryptosystem? (choose 2)

Increased security

Can provide digital signatures that can be repudiated

A system only which possesses the secret key can decrypt a message.

Symmetric cryptosystems are faster.

24.

1 point

The Foreign Intelligence Surveillance Act is by passed by:

An executive order.

Foreign Communications aren't governed by US law.

The National Security Act.

The Freedom of Information Act.

25.

1 point

Fa0/0 of a router is connected to the ISP. With the following reflexive ACLs:
ip access-list extended ReflectACL
permit ip any any reflect ReflectList
deny ip any any
ip access-list extended EvaluateACL
evaluate ReflectList
deny ip any any

What command will correctly place the reflexive on Fa0/0?

ip access-group ReflectList out

ip access-group ReflectACL in

ip access-group ReflectList in

ip access-group ReflectACL out

26.

1 point

The Foreign Intelligence Surveillance Act allows monitoring of:

Only communications based on terrorist activities

US communications based on a search warrant and any Foreign Communications

Only foreign communications

Any communication, foreign or domestic

27.

1 point

A port-based (legacy) firewall filters traffic based on static ACLs that focus on _____

Ports

IP address

MAC address

Session ID

Session Time

28.

1 point

What are some methods applications use to circumvent traditional firewalls? (choose 4)

Use non Standard ports

Port Swapping or Hopping

Tunnel inside other ports

MAC address spoofing

IP spoofing

Using a proxy

Encryption

29.

1 point

Symmetric encryption:

Uses a single key

Uses a public and private key

30.

1 point

Fa0/0 of a router is connected to the ISP. With the following reflexive ACLs:
ip access-list extended ReflectACL
permit ip any any reflect ReflectList
deny ip any any
ip access-list extended EvaluateACL
evaluate ReflectList
deny ip any any

Which statement is true about CBACs?

If the packet's application was not configured for CBAC inspection, the packet is simply dropped by the inspected interface.

If an inbound access list has been configured to permit all traffic, CBAC would create pointless openings in the firewall for packets which would be permitted anyway.