MIS 4850 Systems Security




Final Exam Review Questions

Access Control and Site Security

1. Which of the following operating systems does not provide RAM buffer protection?

a) Windows Vista

b) Windows XP Professional

c) Windows NT

d) Windows 2000

e) None of the above

2. With which of the following operating systems can the login password be bypassed by hitting the Escape key?

a) Windows Vista

b) Windows XP Professional

c) Windows NT

d) Windows 2000

e) None of the above

3. Which of the following is true about access cards that are designed for two-factor authentication?

a) their PINs are usually short, for instance 4 characters

b) a 4-character PIN is too risky for access cards

c) if an access card is lost, the best security measure is to cancel or disable it

d) None of the above

4. You need to implement a wireless network with 3 Access Points and 13 wireless laptops. How many SSIDs need to be used in order to have all devices be part of the same WLAN?

a. Three different SSIDs

b. One same SSID

c. 16 different SSIDs

d. None of the above.

5. In a wireless network that uses WEP (Wired Equivalent Privacy) to provide wireless security, which of the following may authenticate to an access point?

a) Only the administrator.

b) Only users with the correct WEP key.

c) Only users within the company.

d) Anyone can authenticate.

7. Users must type PINs when they use their access cards. This is an example of …

a. piggybacking

b. one-factor authentication

c. weak authentication

d. three-factor authentication

e. None of the above

8. A user walks up to a door, has his or her face scanned, and is admitted through the door. Assume nothing else. This is an example of...

a. verification

b. certification

c. None of the above

9. How could we prevent someone from installing a sniffer where wires connect to a switch?

a. Use newer switches

b. install sniffer detection systems

c. use switches with non-standard ports

d. use optical fiber instead of UTP

e. lock telecommunications closets

10. It may be possible to find media containing sensitive corporate data through...

a. Data digging

b. two-factor recognition

c. sensitivity analysis

d. Shredding

e. None of the above

Explanation: This is dumpster diving.

11. The network administrator created a group account. He added all employees with last name beginning with letter A, B, or C to the group. He then created another group account and added all the other employees to it. He finally assigned access rights to the groups. What access control strategy did he use?

a) Mandatory Access Control

b) Role Based Access Control

c) Discretionary Access Control

d) Logic Based Access Control

e) None of the above

Explanation: This is List-Based Access Control.

TCP/IP Internetworking

14. Which of the following is true in TCP/IP-based encapsulation?

a. Requests are encapsulated in TCP segments

b. Frames are encapsulated in packets

c. Neither a. nor b.

d. Both a and b.

15. If Layer N receives a message, which layer de-encapsulates the message?

a. N+1

b. N

c. N-1

d. Any of the above

e. None of the above

16. When it receives, which of the following does a router do first?

a. encapsulate

b. decapsulate (or de-encapsulate)

c. Neither a. nor b.

d. Both a. and b.

17. Which of the following is connectionless?

a. IP

c. TCP

d. None of the above.

18. With classful IP addresses, the network part of a class B IP address is ___ bits long.

a. 8

b. 24

d. 32

e. None of the above

19. How many messages are sent in a TCP opening?

a. One

b. Two (the message and its acknowledgement)

c. Four

d. None of the above

Explanation: Three messages are sent altogether in an opening.

21. How many messages are sent in an abrupt TCP close, i.e. in a Reset?

a. Two (the message and its acknowledgement)

b. Three

c. Four

d. None of the above

24. What do we call messages at the Transport layer?

a. Frames

b. Packets

c. Both of the above.

d. Neither a. nor b.

Explanation: They are called segments (i.e. TCP segments) or datagrams (i.e. UDP datagrams)

25. A host sends a TCP segment with source port number 25 and destination port number 64562. Which of the following is true? (Choose all correct answers)

a) The source host is a client computer

b) The source host is an email server

c) The destination host is a client computer

d) The destination host is a server computer

e) The source host is a web server

26. Use the ANDing technique to determine the logical network that computer A (IP address 192.168.1.5 with subnet mask 255.255.255.128) belongs to.

| | 32-bit notation | Dotted decimal |
|IP address: | | |

|2 |If Source IP Address = 172.16.*.* to 172.31.*.*, DENY [Private IP Address Range] |
|3 |If Source IP Address = 192.168.*.*, DENY [Private IP Address Range] |
|4 |If source IP address = 60.47.*.*, DENY [internal address range] |
|5 |If TCP SYN=1 AND FIN=1, DENY [crafted attack packet] |
|6 |If Destination IP Address = 60.47.3.9 AND TCP Destination Port = 80 or 443, PASS |
|7 |If TCP SYN = 1 and ACK = 0, DENY [Attempt to open connection from the outside] |
|8 |If TCP Destination Port = 20, DENY |
|9 |If TCP Destination Port = 135 Through 139, DENY |
|10 |If TCP destination port = 513, DENY [UNIX rlogin without password] |
|11 |If UDP Destination Port = 69, DENY [Trivial FTP; no login necessary] |
|12 |DENY ALL |

43. Given the Exhibit shown above, which of the following is true?

a) Rule 1 can be deleted without jeopardizing security because, anyway, the Deny All will stop any incoming message with a source IP address in the 10.*.*.* range.

b) Deleting Rule 1 would allow a packet with a source IP address in the 10.*.*.* range to pass in certain cases.

c) None of the above.

44. Given the Exhibit, what specific service could someone using the source IP address 192.168.3.7 get access to in case Rule 3 is removed from the ACL? (Circle all correct answers).

a) email service

b) HTTP webservice

c) ftp service

d) secure HTTP webservice

e) All of the above

45. What is the purpose of Rule 4 in the ACL shown in the Exhibit?

a) to prevent messages with source IP address in the internal address range from passing

b) to deny access to any incoming packet destined to any internal server computer

c) to prevent outsiders from using internal IP addresses in spoofing attacks

d) None of the above.

46. As the network administrator in charge of configuring the company’s firewall, you have to change the ACL in the Exhibit to add a rule that allows packets destined to an internal secured web server (HTTPS) that has the 60.47.3.7 IP address to pass. (Note: the Appendix lists TCP/UDP ports for common services.) Write down the rule: ______________________________________________________________________________

47. Where should the rule you wrote down be inserted in the ACL?

a) Anywhere before Rule 7

b) between Rule 5 and Rule 6

c) between Rule 4 and Rule 5

Host Hardening

48. To know how to install an operating system with secure configuration options, you would use

a. a security baseline

b. a standard

c. a security template

d. a wizard

49. In a Windows network, which of the following could be used to implement security measures on multiple computers through a domain?

a. Policy Maker

b. GPO

c. Domain ACL

Explanation: Group policies are used. Group policies are configured in a group policy object or GPO.

50. UNIX command-line interfaces are called _____.

a. versions

b. shells

c. GUIs

d. distributions

e. windows

51. Cisco’s operating system for its routers and most of its managed switches is...

a) UNIX

b) LINUX

c) Windows

d) None of the above

Explanation: It’s IOS

52. Traditionally, default installations of operating systems _____.

a. turn on many infrequently used services to ease management labor

b. turn off most infrequently used services to reduce RAM and processing requirements

c. All of the above

53. In Windows, when files are encrypted using Encrypted File System, an attacker who breaks in can still get a copy of the files and easily read the content.

a) True

b) False

Elements of Cryptography

54. Jason sends a message to Kristin using public key encryption for confidentiality. What key will Jason use to encrypt the message?

a. Jason’s private key

b. Jason’s public key

c. Kristin’s Public key

d. None of the above

55. Which of the following is needed in order to encrypt the following message that you want to send to a business partner? “The total amount to be paid for order #C1222 is $23,000.00” (Circle all that apply)

b. a ciphertext

c. a key

d. an authenticator

e. an encryption method or algorithm

56. Encryption is used for _____.

a. confidentiality

b. authentication

c. Both of the above.

57. In symmetric encryption in a two-way dialog, how many keys are used in total for confidentiality?

a. one

b. two

c. four

58. Which of the following do cryptographic systems protect?

a) Data stored on local storage media (like hard drives) from access by unauthorized users

b) Data being transmitted from point A to point B in a network

c) Both a and b

59. Based on how encryption systems work, which of the following is the worst thing that could happen?

a) An attacker gets a copy of the encryption and decryption algorithms

b) An attacker gets the decryption key

c) a and b are equally damaging

60. Which of the following is true about the difference between hashing and encryption? (Choose all that apply)

a) In encryption, the output is similar in length to the input

b) In hashing, the output is similar in length to the input

c) In encryption, the output is of a fixed short length, regardless of input

d) In hashing, the output is of a fixed short length, regardless of the input

Cryptographic systems

61. What are the four stages of cryptographic systems?

a) Encapsulation

b) Initial negotiation of security parameters

c) Initial or mutual authentication

d) Key exchange or key agreement

e) Ongoing communication

62. Which of the following provides security at the transport layer?

a) IPsec

b) PPTP

c) SSL/TLS

d) Kerberos

63. Transmitting over the Internet with added security is the definition of _____.

a) tunneling

b) IPsec

c) PPTP

d) a VPN

64. Which of the following is true when comparing SSL/TLS to IPSec? (Choose all that apply)

a) SSL/TLS operates at the Transport layer whereas IPSec operates at the Internet layer.

b) SSL/TLS operates at the Internet layer whereas IPSec operates at the Transport layer.

c) SSL/TLS is usually used to secure applications or services like Webservice and email.

d) IPSec can protect all kinds of Transport layer messages and Application layer messages.

65. The result of hashing can be turned back to the original string. T F

66. Encryption is usually used in the initial negotiation phase of cryptographic systems. T F

67. Once the partners are engaged in the ongoing communication phase there is, usually, no need for the partners to do another authentication since the communication is safe. T F

Applications Security

68. In e-mail operation, what computer transmits messages directly to the receiver’s computer upon request?

a) Sender’s computer

b) Sender’s mail server

c) Receiver’s mail server

d) None of the above

69. You want to connect to a mail server to download emails that were sent to you by your friends. Which of the following protocols would be used for communication with the mail server?

a) Simple Mail Transport Protocol

b) Internet Message Access Protocol

c) Extended transfer Protocol

d) None of the above

70. Which of the following protocols is used for communication between the sender’s computer and the sender’s email server?

a) Simple Mail Transport Protocol

b) Internet Message Access Protocol

c) Extended transfer Protocol

d) None of the above

71. Which of the following protocols is used for communication between the sender’s email server and the receiver’s email server?

a) Simple Mail Transport Protocol

b) Internet Message Access Protocol

c) Extended transfer Protocol

d) None of the above

72. Which of the following is true about using the PGP cryptographic system for e-mail encryption?

a) It is not widely built into client email programs

b) Even if PGP is not built into their email client programs, users can still use PGP as a separate program to handle secure communication

c) Users can only use it for encryption/decryption if it is built into their email client programs.

d) Both a and b

e) None of the above

73. X.509 is a public-key cryptographic system that uses a hierarchical approach based on certificate authority. Which of the following is true about X.509 and PGP?

a) Both X.509 and PGP use digital signature and public-key encryption.

b) With X.509, the sender’s public key is obtained from a trusted third party

c) With PGP, the sender’s public key could be obtained without referring to a third party

d) All of the above

e) None of the above

74. Your company has decided to use S/MIME to secure email communication. Your advice is needed to proceed with the implementation of the S/MIME-based secure email communication. Which of the following will be among your list of advice?

a) S/MIME doesn’t use web trust. It uses another authentication method instead.

b) A good web trust infrastructure (or circles of trust) must be implemented.

c) None of the above

75. Assume that the home directory for the web site is C:\homeschool\web. Which of the following URLs could be typed in the Address text box of a web browser to get the report.htm file located in the report directory, which is a subdirectory under the home directory?

a) report.

b) report.report

c) report.report/report.htm

d) homeschool/Web/report/report.htm

e) None of the above

76. Write down the URL to retrieve the file experience.htm under the experience directory on the host .

____________________________________________________________________________

77. CGI requires the use of specific scripting languages like JavaScript and VBScript. T F

[Figure: network diagram with a Firewall between the Trusted network and the Untrusted network; address labels 60.47.3.1, 60.47.3.5, 60.47.3.9, 60.47.3.2]
