1.3 Threat Management

Question 1

what is the most secure implementation of file transfer protocol (FTP)?

Answer 1

secure file transfer protocol (SFTP)

Question 2

what is the name for a hole in the security of an application deliberately left in place by a designer?

Answer 2

backdoor

Question 3

which malicious software infects a system without relying upon other applications for its execution?

Answer 3

a worm

Question 4

what does an anti-virus application signature file contain?

Answer 4

it contains identifying information about viruses

Question 5

which application or services uses TCP/UDP port 3389?

Answer 5

remote desktop protocol (RDP)

Question 6

which port number is used by TFTP?

Answer 6

UDP port 69

Question 7

what is the name for a fix that addresses a specific windows system problem or set of problems?

Answer 7

hotfix

Question 8

which firewall port should you enable to allow SMTP trafic to flow through the firewall?

Answer 8

port 25

Question 9

how many TCP/UDP ports are vulnerable to malicious attacks?

Answer 9

65,536

Question 10

which type of virus can change its signature to avoid detection?

Answer 10

polymorphic

Question 11

what is the default PPTP port?

Answer 11

TCP port 1723

Question 12

what is the purpose of NAC?

Answer 12

network access control (NAC) ensures that the computer on the network meets an organization’s security policies

Question 13

using role-based access control (RBAC), which entities are assigned roles?

Answer 13

users or subjects

Question 14

what is the name of the area that connects to a firewall and offers services to untrusted networks?

Answer 14

DMZ

Question 15

which virus creates many variants by modifying its code to deceive antivirus scanners?

Answer 15

polymorphic virus

Question 16

which port should you block at your network firewall to prevent telnet access?

Answer 16

port 23

Question 17

what is a good solution if you need to separate two departments into separate networks?

Answer 17

VLAN segregation

Question 18

which port number does LDAP use for communications encrypted using SSL/TLS?

Answer 18

port 636

Question 19

which type of code performs malicious acts only when a certain set of conditions occurs?

Answer 19

a logic bomb

Question 20

which firewall port should you enable to allow IMAP4 traffic to flow through the firewall?

Answer 20

TCP port 143

Question 21

which two port does FTP use?

Answer 21

ports 20 and 21

Question 22

what does VLAN segregation accomplish?

Answer 22

it protects each individual segment by isolating the segments

Question 23

which port number does HTTP use?

Answer 23

port 80

Question 24

which port numbers are used by NetBIOS?

Answer 24

ports 137, 138, 139

Question 25

which type of malware appears to perform a valuable function, but actually performs malicious acts?

Answer 25

trojan horse

Question 26

which port number does LDAP use when communications are not secured using SSL/TLS?

Answer 26

port 389

Question 27

what does the acronym RBAC denote?

Answer 27

role-based access control

Question 28

which viruses are written in macro language and typically infect operating systems?

Answer 28

macro viruses

Question 29

who can change a resource's category in a mandatory access control environment?

Answer 29

administrators only

Question 30

which port number does NNTP (network news transfer protocol) use?

Answer 30

TCP port 119

Question 31

what is a trojan horse?

Answer 31

malware that is disguised as a useful utility, but is embedded with a malicious code to infect computer systems

Question 32

which port number does NTP use?

Answer 32

port 123

Question 33

what does the acronym DAC denote?

Answer 33

discretionary access control

Question 34

which firewall port should you enable to allow POP3 traffic to flow through the firewall?

Answer 34

TCP port 110

Question 35

which port number does DHCP use?

Answer 35

port 67

Question 36

which port number is used by SSL, FTPS, and HTTPS?

Answer 36

TCP port 443

Question 37

which port number is used by SSH, SCP, and SFTP?

Answer 37

port 22

Question 38

what is the default L2TP port?

Answer 38

UDP port 1701

Question 39

which type of access control associates roles with each user?

Answer 39

role-based access control (RBAC)

Question 40

why should you install a software firewall and the latest software patches and hotfixes on your computer?

Answer 40

to reduce security risks

Question 41

what is the name for a collection of hotfixes that have been combined into a single patch?

Answer 41

a service pack

Question 42

which type of access control is the multi-level security mechanism used by the department of defense (DoD)?

Answer 42

mandatory access control (MAC)

Question 43

which port number does DNS use?

Answer 43

port 53

Question 44

which port number is used by SMB?

Answer 44

tcp port 445

Question 45

what is a file considered in a mandatory access control environment?

Answer 45

an object

Question 46

what is the purpose of anti-spam application or filters?

Answer 46

to prevent unsolicited e-mail

Question 47

which type of access control was originally developed for military use?

Answer 47

mandatory access control (MAC)

Question 48

when should you install a software patch on a production server?

Answer 48

after the patch has been tested

Question 49

which type of access control is most suitable for top-secret information?

Answer 49

mandatory access control (MAC)

Question 50

which port number does SNMP use?

Answer 50

UDP port 161

Question 51

in a secure network, what should be the default permission position?

Answer 51

implicit deny

Question 52

which port number does SSH use?

Answer 52

port 22

Question 53

which type of virus attempts to hide from antivirus software and from the operating system by remaining in memory?

Answer 53

stealth

Question 54

which port is used for LDAP authentication?

Answer 54

port 389

Question 55

which self-replicating computer program sends copies of itself to other devices on the network?

Answer 55

worm

Question 56

which port number is used by microsoft SQL server?

Answer 56

tcp port 1433

Question 57

which TCP port number does secure sockets layer (SSL) use?

Answer 57

port 443