SSCP3 Flashcards

(77 cards)

1
Q

What enables a workstation to boot without requiring a hard or floppy disk drive? A. Bootstrap Protocol (BootP). B. Reverse Address Resolution Protocol (RARP). C. Address Resolution Protocol (ARP). D. Classless Inter-Domain Routing (CIDR).

A

A. Bootstrap Protocol (BootP).

2
Q

Which of the following protocols is designed to send individual messages securely? A. Kerberos B. Secure Electronic Transaction (SET). C. Secure Sockets Layer (SSL). D. Secure HTTP (S-HTTP).

A

D. Secure HTTP (S-HTTP).

3
Q

Secure Electronic Transaction (SET) and Secure HTTP (S-HTTP) operate at which layer of the OSI model? A. Application Layer. B. Transport Layer. C. Session Layer. D. Network Layer.

A

A. Application Layer.

4
Q

Which of the following is the core of fiber optic cables made of? A. PVC B. Glass fibers C. Kevlar D. Teflon

A

B. Glass fibers

5
Q

Which SSL version offers client-side authentication? A. SSL v1 B. SSL v2 C. SSL v3 D. SSL v4

A

C. SSL v3

6
Q

Which of the following statements pertaining to IPSec is incorrect? A. IPSec can help in protecting networks from some of the IP network attacks. B. IPSec provides confidentiality and integrity to information transferred over IP networks through transport layer encryption and authentication. C. IPSec protects against man-in-the-middle attacks. D. IPSec protects against spoofing.

A

B. IPSec provides confidentiality and integrity to information transferred over IP networks through transport layer encryption and authentication.

7
Q

Which of the following is NOT a characteristic or shortcoming of packet filtering gateways? A. The source and destination addresses, protocols, and ports contained in the IP packet header are the only information that is available to the router in making a decision whether or not to permit traffic access to an internal network. B. They don’t protect against IP or DNS address spoofing. C. They do not support strong user authentication. D. They are appropriate for medium-risk environment.

A

D. They are appropriate for medium-risk environment.

8
Q

In order to ensure the privacy and integrity of the data, connections between firewalls over public networks should use: A. Screened subnets B. Digital certificates C. An encrypted Virtual Private Network D. Encryption

A

C. An encrypted Virtual Private Network

9
Q

Which of the following protocols does not operate at the data link layer (layer 2)? A. PPP B. RARP C. L2F D. ICMP

A

D. ICMP

10
Q

Which of the following protocols operates at the session layer (layer 5)? A. RPC B. IGMP C. LPD D. SPX

A

A. RPC

11
Q

Which layer of the TCP/IP protocol stack corresponds to the ISO/OSI Network layer (layer 3)? A. Host-to-host layer B. Internet layer C. Network access layer D. Session layer

A

B. Internet layer

12
Q

The concept of best effort delivery is best associated with? A. TCP B. HTTP C. RSVP D. IP

A

D. IP

13
Q

Which layer of the OSI/ISO model handles physical addressing, network topology, line discipline, error notification, orderly delivery of frames, and optional flow control? A. Physical B. Data link C. Network D. Session

A

B. Data link

14
Q

The Logical Link Control sub-layer is a part of which of the following? A. The ISO/OSI Data Link layer B. The Reference monitor C. The Transport layer of the TCP/IP stack model D. Change management control

A

A. The ISO/OSI Data Link layer

15
Q

Which of the following services relies on UDP? A. FTP B. Telnet C. DNS D. SMTP

A

C. DNS

16
Q

How many bits of a MAC address uniquely identify a vendor, as provided by the IEEE? A. 6 bits B. 12 bits C. 16 bits D. 24 bits

A

D. 24 bits

17
Q

Which Network Address Translation (NAT) is the most convenient and secure solution? A. Hiding Network Address Translation B. Port Address Translation C. Dedicated Address Translation D. Static Address Translation

A

B. Port Address Translation

18
Q

What is the primary difference between FTP and TFTP? A. Speed of negotiation B. Authentication C. Ability to automate D. TFTP is used to transfer configuration files to and from network equipment.

A

B. Authentication

19
Q

In an SSL session between a client and a server, who is responsible for generating the master secret that will be used as a seed to generate the symmetric keys that will be used during the session? A. Both client and server B. The client’s browser C. The web server D. The merchant’s Certificate Server

A

B. The client’s browser

20
Q

Which of the following statements pertaining to PPTP (Point-to-Point Tunneling Protocol) is incorrect? A. PPTP allows the tunnelling of any protocols that can be carried within PPP. B. PPTP does not provide strong encryption. C. PPTP does not support any token-based authentication method for users. D. PPTP is derived from L2TP.

A

D. PPTP is derived from L2TP.

21
Q

Which of the following is less likely to be used today in creating a Virtual Private Network? A. L2TP B. PPTP C. IPSec D. L2F

A

D. L2F

22
Q

Which of the following rules appearing in an Internet firewall policy is inappropriate? A. Source routing shall be disabled on all firewalls and external routers. B. Firewalls shall be configured to transparently allow all outbound and inbound services. C. Firewalls should fail to a configuration that denies all services, and require a firewall administrator to re-enable services after a firewall has failed. D. Firewalls shall not accept traffic on their external interfaces that appears to be coming from internal network addresses.

A

B. Firewalls shall be configured to transparently allow all outbound and inbound services.

23
Q

SMTP can best be described as: A. a host-to-host email protocol. B. an email retrieval protocol. C. a web-based e-mail reading protocol. D. a standard defining the format of e-mail messages.

A

A. a host-to-host email protocol.

24
Q

What attack involves the perpetrator sending spoofed packet(s) which contain the same destination and source IP address as the remote host, the same port for the source and destination, having the SYN flag, and targeting any open ports that are open on the remote host? A. Boink attack B. Land attack C. Teardrop attack D. Smurf attack

A

B. Land attack

25
Which of the following firewall rules found on a firewall installed between an organization's internal network and the Internet would present the greatest danger to the internal network? A. Permit all traffic between local hosts. B. Permit all inbound ssh traffic. C. Permit all inbound tcp connections. D. Permit all syslog traffic to log-server.abc.org.
C. Permit all inbound tcp connections.
26
Which of the following statements pertaining to link encryption is false? A. It encrypts all the data along a specific communication path. B. It provides protection against packet sniffers and eavesdroppers. C. Information stays encrypted from one end of its journey to the other. D. User information, header, trailers, addresses and routing data that are part of the packets are encrypted.
C. Information stays encrypted from one end of its journey to the other.
27
Which of the following statements pertaining to packet filtering is incorrect? A. It is based on ACLs. B. It is not application dependent. C. It operates at the network layer. D. It keeps track of the state of a connection.
D. It keeps track of the state of a connection.
28
Which of the following best defines source routing? A. The packets hold the forwarding information so they don't need to let bridges and routers decide what is the best route or way to get to the destination. B. The packets hold source information in a fashion that source address cannot be forged. C. The packets are encapsulated to conceal source information. D. The packets hold information about redundant paths in order to provide a higher reliability.
A. The packets hold the forwarding information so they don't need to let bridges and routers decide what is the best route or way to get to the destination.
29
Which of the following is a method of multiplexing data where a communication channel is divided into an arbitrary number of variable bit-rate digital channels or data streams. This method allocates bandwidth dynamically to physical channels having information to transmit? A. Time-division multiplexing B. Asynchronous time-division multiplexing C. Statistical multiplexing D. Frequency division multiplexing
C. Statistical multiplexing
30
Which of the following is NOT a defined ISO basic task related to network management? A. Fault management B. Accounting resources C. Security management D. Communications management
D. Communications management
31
Why is infrared generally considered to be more secure to eavesdropping than multidirectional radio transmissions? A. Because infrared eavesdropping requires more sophisticated equipment. B. Because infrared operates only over short distances. C. Because infrared requires direct line-of-sight paths. D. Because infrared operates at extra-low frequencies (ELF).
C. Because infrared requires direct line-of-sight paths.
32
Authentication Headers (AH) and Encapsulating Security Payload (ESP) protocols are the driving force of IPSec. Authentication Headers (AH) provides the following services except: A. Authentication B. Integrity C. Replay resistance and non-repudiations D. Confidentiality
D. Confidentiality
33
Encapsulating Security Payload (ESP) provides some of the services of Authentication Headers (AH), but it is primarily designed to provide: A. Confidentiality B. Cryptography C. Digital signatures D. Access Control
A. Confidentiality
34
Which of the following is NOT true about IPSec Tunnel mode? A. Fundamentally an IP tunnel with encryption and authentication B. Works at the Transport layer of the OSI model C. Have two sets of IP headers D. Established for gateway service
B. Works at the Transport layer of the OSI model
35
Which of the following statements is NOT true of IPSec Transport mode? A. It is required for gateways providing access to internal systems B. Set-up when end-point is host or communications terminates at end-points C. If used in gateway-to-host communication, gateway must act as host D. When ESP is used for the security protocol, the hash is only applied to the upper layer protocols contained in the packet
A. It is required for gateways providing access to internal systems
36
All of the following observations about IPSec are correct except: A. Default Hashing protocols are HMAC-MD5 or HMAC-SHA-1 B. Default Encryption protocol is Cipher Block Chaining mode DES, but other algorithms like ECC (Elliptic curve cryptosystem) can be used C. Support two communication modes - Tunnel mode and Transport mode D. Works only with Secret Key Cryptography
D. Works only with Secret Key Cryptography
37
Which of the following statements pertaining to firewalls is incorrect? A. Firewalls create bottlenecks between the internal and external network. B. Firewalls allow for centralization of security services in machines optimized and dedicated to the task. C. Firewalls protect a network at all layers of the OSI models. D. Firewalls are used to create security checkpoints at the boundaries of private networks.
C. Firewalls protect a network at all layers of the OSI models.
38
Which of the following ports does NOT normally need to be open for a mail server to operate? A. Port 110 B. Port 25 C. Port 119 D. Port 143
C. Port 119
39
Which of the following is an extension to Network Address Translation that permits multiple devices providing services on a local area network (LAN) to be mapped to a single public IP address? A. IP Spoofing B. IP subnetting C. Port address translation D. IP Distribution
C. Port address translation
40
At which OSI/ISO layer is an encrypted authentication between a client software package and a firewall performed? A. Network layer B. Session layer C. Transport layer D. Data link layer
C. Transport layer
41
Which of the following is the primary reason why a user would choose a dial-up modem connection to the Internet when they have a faster, secure Internet connection through the organization's network? A. To access web sites that are blocked by the organization's proxy server. B. To set up public services using the organization's resources. C. To check their personal e-mail. D. To circumvent the organization's security policy.
D. To circumvent the organization's security policy.
42
Which of the following can best eliminate dial-up access through a Remote Access Server as a hacking vector? A. Using a TACACS+ server. B. Installing the Remote Access Server outside the firewall and forcing legitimate users to authenticate to the firewall. C. Setting modem ring count to at least 5. D. Only attaching modems to non-networked hosts.
B. Installing the Remote Access Server outside the firewall and forcing legitimate users to authenticate to the firewall.
43
Which of the following was designed to support multiple network types over the same serial link? A. Ethernet B. SLIP C. PPP D. PPTP
C. PPP
44
Before the advent of classless addressing, the address 128.192.168.16 would have been considered part of: A. a class A network. B. a class B network. C. a class C network. D. a class D network.
B. a class B network.
45
What is an IP routing table? A. A list of IP addresses and corresponding MAC addresses. B. A list of station and network addresses with corresponding gateway IP address. C. A list of host names and corresponding IP addresses. D. A list of current network interfaces on which IP routing is enabled.
B. A list of station and network addresses with corresponding gateway IP address.
46
Which of the following was developed as a simple mechanism for allowing simple network terminals to load their operating system from a server over the LAN? A. DHCP B. BootP C. DNS D. ARP
B. BootP
47
What is the greatest danger from DHCP? A. An intruder on the network impersonating a DHCP server and thereby misconfiguring the DHCP clients. B. Having multiple clients on the same LAN having the same IP address. C. Having the wrong router used as the default gateway. D. Having the organization's mail server unreachable.
A. An intruder on the network impersonating a DHCP server and thereby misconfiguring the DHCP clients.
48
Which of the following should NOT normally be allowed through a firewall? A. SNMP B. SMTP C. HTTP D. SSH
A. SNMP
49
What can best be defined as a strongly protected computer that is in a network protected by a firewall (or is part of a firewall) and is the only host (or one of only a few hosts) in the network that can be directly accessed from networks on the other side of the firewall? A. A bastion host B. A screened subnet C. A dual-homed host D. A proxy server
A. A bastion host
50
Which of the following can be defined as an Internet protocol by which a client workstation can dynamically access a mailbox on a server host to manipulate and retrieve mail messages that the server has received and is holding for the client? A. IMAP4 B. SMTP C. MIME D. PEM
A. IMAP4
51
Which of the following NAT firewall translation modes offers no protection from hacking attacks to an internal host using this functionality? A. Network redundancy translation B. Load balancing translation C. Dynamic translation D. Static translation
D. Static translation
52
Which of the following is the primary security feature of a proxy server? A. Virus Detection B. URL blocking C. Route blocking D. Content filtering
D. Content filtering
53
In the context of network enumeration by an outside attacker and possible Distributed Denial of Service (DDoS) attacks, which of the following firewall rules is not appropriate to protect an organization's internal network? A. Allow echo reply outbound B. Allow echo request outbound C. Drop echo request inbound D. Allow echo reply inbound
A. Allow echo reply outbound
54
Which of the following packets should NOT be dropped at a firewall protecting an organization's internal network? A. Inbound packets with Source Routing option set B. Router information exchange protocols C. Inbound packets with an internal address as the source IP address D. Outbound packets with an external destination IP address
D. Outbound packets with an external destination IP address
55
Why does fiber optic communication technology have a significant security advantage over other transmission technologies? A. Higher data rates can be transmitted. B. Interception of data traffic is more difficult. C. Traffic analysis is prevented by multiplexing. D. Single and double-bit errors are correctable.
B. Interception of data traffic is more difficult.
56
Layer 4 of the OSI stack is known as: A. the data link layer B. the transport layer C. the network layer D. the presentation layer
B. the transport layer
57
Another name for a VPN is a: A. tunnel B. one-time password C. pipeline D. bypass
A. tunnel
58
Why is traffic across a packet switched network difficult to monitor? A. Packets are link encrypted by the carrier B. Government regulations forbid monitoring C. Packets can take multiple paths when transmitted D. The network factor is too high
C. Packets can take multiple paths when transmitted
59
Which one of the following is used to provide authentication and confidentiality for e-mail messages? A. Digital signature B. PGP C. IPSEC AH D. MD4
B. PGP
60
What is a packet sniffer? A. It tracks network connections to off-site locations. B. It monitors network traffic for illegal packets. C. It scans network segments for cabling faults. D. It captures network traffic for later analysis.
D. It captures network traffic for later analysis.
61
Which of the following media is MOST resistant to EMI interference? A. microwave B. fiber optic C. twisted pair D. coaxial cable
B. fiber optic
62
At which layer of ISO/OSI do fiber optics work? A. Network layer B. Transport layer C. Data link layer D. Physical layer
D. Physical layer
63
While using IPsec, the ESP and AH protocols both provide integrity services. However, when using AH, some special attention needs to be paid if one of the peers uses NAT for address translation service. Which of the items below would affect the use of AH and its Integrity Check Value (ICV) the most? A. Key session exchange B. Packet Header Source or Destination address C. VPN cryptographic key size D. Cryptographic algorithm used
B. Packet Header Source or Destination address
64
Which of the following services is a distributed database that translates host names to IP addresses and IP addresses to host names? A. DNS B. FTP C. SSH D. SMTP
A. DNS
65
In computing, what is the name of a non-self-replicating type of malware program containing malicious code that appears to have some useful purpose but also contains code that has a malicious or harmful purpose embedded in it and that, when executed, carries out actions that are unknown to the person installing it, typically causing loss or theft of data, and possible system harm? A. virus B. worm C. Trojan horse. D. trapdoor
C. Trojan horse.
66
Which of the following virus types changes some of its characteristics as it spreads? A. Boot Sector B. Parasitic C. Stealth D. Polymorphic
D. Polymorphic
67
Virus scanning and content inspection of SMIME encrypted e-mail without doing any further processing is: A. Not possible B. Only possible with key recovery scheme of all user keys C. It is possible only if X509 Version 3 certificates are used D. It is possible only by "brute force" decryption
A. Not possible
68
Which virus category has the capability of changing its own code, making it harder to detect by anti-virus software? A. Stealth viruses B. Polymorphic viruses C. Trojan horses D. Logic bombs
B. Polymorphic viruses
69
The high availability of multiple all-inclusive, easy-to-use hacking tools that do NOT require much technical knowledge has brought a growth in the number of which type of attackers? A. Black hats B. White hats C. Script kiddies D. Phreakers
C. Script kiddies
70
Which of the following computer crimes is MORE often associated with INSIDERS? A. IP spoofing B. Password sniffing C. Data diddling D. Denial of service (DOS)
C. Data diddling
71
What do the ILOVEYOU and Melissa virus attacks have in common? A. They are both denial-of-service (DOS) attacks. B. They have nothing in common. C. They are both masquerading attacks. D. They are both social engineering attacks.
C. They are both masquerading attacks.
72
Crackers today are MOST often motivated by their desire to: A. Help the community in securing their networks. B. Seeing how far their skills will take them. C. Getting recognition for their actions. D. Gaining Money or Financial Gains.
D. Gaining Money or Financial Gains.
73
What best describes a scenario when an employee has been shaving off pennies from multiple accounts and depositing the funds into his own bank account? A. Data fiddling B. Data diddling C. Salami techniques D. Trojan horses
C. Salami techniques
74
Java is not: A. Object-oriented. B. Distributed. C. Architecture Specific. D. Multithreaded.
C. Architecture Specific.
75
What is malware that can spread itself over open network connections? A. Worm B. Rootkit C. Adware D. Logic Bomb
A. Worm
76
Which of the following technologies is a target of XSS or CSS (Cross-Site Scripting) attacks? A. Web Applications B. Intrusion Detection Systems C. Firewalls D. DNS Servers
A. Web Applications
77
Which protocol is used to send email? A. File Transfer Protocol (FTP). B. Post Office Protocol (POP). C. Network File System (NFS). D. Simple Mail Transfer Protocol (SMTP).
D. Simple Mail Transfer Protocol (SMTP).