Chapter 5 Quiz

11 September 2022
20 test answers

question
Which of the following describes AppleTalk? Question 1 options: A) A. A legacy protocol used in networks hosting mainly Macintosh computers B) B. A policy that allows employees, contractors, and others to connect their own computers, smartphones, and other devices to their organizations' networks C) C. An application-programming interface (API) developed by IBM in 1985 to emulate NetBIOS on a token ring network D) D. An Application Layer protocol used by e-mail clients to receive messages from an e-mail server
answer
A) A. A legacy protocol used in networks hosting mainly Macintosh computers
question
All of the following are advantages of a defense-in-depth security design except which one? Question 2 options: A) A. Defense in depth avoids single points of failure. B) B. Defense in depth keeps senior management out of the activities of the security department. C) C. Defense in depth divides and conquers, which separates projects into smaller pieces. D) D. Defense in depth filters user interactions.
answer
B) B. Defense in depth keeps senior management out of the activities of the security department.
question
Which of the following is a portion of a software system that unauthenticated users can run? Question 3 options: A) A. Bring Your Own Device (BYOD) B) B. Attack surface C) C. Post Office Protocol (POP) D) D. Modeling
answer
B) B. Attack surface
question
Which of the following refers to the end user's desktop devices such as a desktop computer, laptop, VoIP telephone, or other endpoint device? Question 4 options: A) A. LAN Domain B) B. Workstation Domain C) C. WAN Domain D) D. Remote Access Domain
answer
B) B. Workstation Domain
question
Which of the following refers to the entity responsible for global coordination of IP addressing, DNS root, and other Internet protocol resources? Question 5 options: A) A. AppleTalk B) B. Bring Your Own Device (BYOD) C) C. Internet Assigned Numbers Authority (IANA) D) D. NetBIOS Extended User Interface (NetBEUI)
answer
C) C. Internet Assigned Numbers Authority (IANA)
question
Which of the following is not a characteristic of a private address? Question 6 options: A) A. They are leased. B) B. They require translation. C) C. They can be mixed with public addresses. D) D. They are isolated from the Internet.
answer
A) A. They are leased.
question
Which term describes a form of security based on hiding details of a system, or creating convolutions that are difficult to understand? Question 7 options: A) A. Firewall B) B. Bring Your Own Device (BYOD) C) C. Modeling D) D. Security through obscurity
answer
D) D. Security through obscurity
question
What attack cracks a password or encryption key by trying all possible valid combinations from a defined set of possibilities (a set of characters or hex values)? Question 8 options: A) A. Brute-force attack B) B. Hybrid attack C) C. Dictionary password attack D) D. Modeling
answer
A) A. Brute-force attack
question
Which attack uses a pre-constructed list of potential passwords or encryption keys? Question 9 options: A) A. Piloting B) B. Dictionary password attack C) C. Brute-force attack D) D. Hybrid attack
answer
B) B. Dictionary password attack
question
Which protocol and data exchange system, commonly used over TCP/IP networks, including the Internet, is unencrypted and performs authentication and data transfer in plaintext? Question 10 options: A) A. Post Office Protocol (POP) B) B. AppleTalk C) C. File Transfer Protocol (FTP) D) D. Hypertext Transfer Protocol (HTTP)
answer
C) C. File Transfer Protocol (FTP)
question
Which of the following describes identity and access management (IAM)? Question 11 options: A) A. The security discipline that enables the right individuals to access the right resources at the right times consistent with organizational policy B) B. Portions of a software system that unauthenticated users can run C) C. A form of security based on hiding details of a system or creating convolutions that are difficult to understand to overcome the obscure methodology D) D. A policy of allowing or even encouraging employees, contractors, and others to connect their own computers, smartphones, and other devices to their organization's networks
answer
A) A. The security discipline that enables the right individuals to access the right resources at the right times consistent with organizational policy
question
Gathering through eavesdropping on communications, whether encrypted or not, is known as what? Question 12 options: A) A. Encryption B) B. Traffic and trend analysis C) C. Eavesdropping D) D. Filtering
answer
B) B. Traffic and trend analysis
question
Which of the following refers to the process of simulating and testing a new concept, design, programming technique, and so on before deployment into a production environment? Question 13 options: A) A. Eavesdropping B) B. Modeling C) C. AppleTalk D) D. Piloting
answer
B) B. Modeling
question
As an organization stretches beyond its capacity to support, sell, create, maintain, respond, produce, and so on, small problems quickly become big problems. Which of the following does not ensure long-term viability and stability for the business and network security design? Question 14 options: A) A. Steady growth B) B. Controlled growth C) C. Planned growth D) D. Unlimited growth
answer
D) D. Unlimited growth
question
Which of the following describes a BYOD? Question 15 options: A) A. An application-programming interface (API) developed by IBM in 1985 to emulate NetBIOS on a token ring network B) B. A policy allowing or encouraging employees, contractors, and others to connect their own computers, smartphones, and other devices to their organization's networks C) C. A legacy protocol developed by Novell for its NetWare networking product D) D. A security feature that blocks DDoS attacks
answer
B) B. A policy allowing or encouraging employees, contractors, and others to connect their own computers, smartphones, and other devices to their organization's networks
question
Which of the following refers to the hardware, operating system software, database software, client-server applications, and data that are typically housed in the organization's data center and/or computer rooms? Question 16 options: A) A. Remote Access Domain B) B. WAN Domain C) C. System/Application Domain D) D. LAN Domain
answer
C) C. System/Application Domain
question
Which of the following is given to an Application Layer protocol used by e-mail clients to receive messages from an e-mail server? Question 17 options: A) A. Simple Mail Transfer Protocol (SMTP) B) B. Post Office Protocol (POP) C) C. Transmission Control Protocol/Internet Protocol (TCP/IP) D) D. File Transfer Protocol (FTP)
answer
B) B. Post Office Protocol (POP)
question
Which term describes portions of a software system that unauthenticated users can run? Question 18 options: A) A. Internet Assigned Numbers Authority (IANA) B) B. File Transfer Protocol (FTP) C) C. Attack surface D) D. Internetwork Packet Exchange/Sequenced Packet Exchange (IPX/SPX)
answer
C) C. Attack surface
question
Which of the following is defined as the act of avoiding single points of failure by building in multiple elements, pathways, or methods of accomplishing each mission-critical task? Question 19 options: A) A. Preparedness B) B. Redundancy C) C. Endpoint security D) D. Encryption
answer
B) B. Redundancy
question
Which of the following is not true of VLANs? Question 20 options: A) A. They control traffic. B) B. They are cost-effective. C) C. VLAN configuration takes place in the switch. D) D. They require a change of IP address or re-cabling.
answer
D) D. They require a change of IP address or re-cabling.