decrypting, and checking packets?
Select one:
a. IKE
b. ISAKMP
c. IPsec driver
d. Oakley protocol
answer
c. IPsec driver
question
What are the two modes in which IPsec can be configured to run?
Select one:
a. header and payload
b. tunnel and transport
c. client and server
d. transit and gateway
answer
b. tunnel and transport
question
What was created to address the problem of remote clients not meeting an organization's VPN security standards?
Select one:
a. VPN quarantine
b. IPsec filters
c. GRE isolation
d. split tunneling
answer
a. VPN quarantine
question
Which activity performed by VPNs encloses a packet within another packet?
Select one:
a. address translation
b. encapsulation
c. authentication
d. encryption
answer
b. encapsulation
question
Which IPsec component authenticates TCP/IP packets to ensure data integrity?
Select one:
a. AH
b. ESP
c. ISAKMP
d. IKE
answer
a. AH
question
Which of the following is a disadvantage of putting the VPN on a firewall?
Select one:
a. Internet and VPN traffic compete for resources
b. centralized control of network access security
c. VPN and firewall use the same configuration tools
d. more configuration mistakes
answer
a. Internet and VPN traffic compete for resources
question
Which of the following is a type of VPN connection?
Select one:
a. remote gateway
b. site-to-server
c. server-to-client
d. client-to-site
answer
d. client-to-site
question
Which of the following is an improvement of TLS over SSL?
Select one:
a. uses only asymmetric encryption
b. adds a hashed message authentication code
c. requires less processing power
d. uses a single hashing algorithm for all the data
answer
b. adds a hashed message authentication code
question
Which of the following is defined as a relationship between two or more entities that describes how they will use the security services to communicate?
Select one:
a. security association
b. internet key exchange
c. tunnel
d. pairing
answer
a. security association
question
Which of the following is NOT a factor a secure VPN design should address?
Select one:
a. encryption
b. performance
c. nonrepudiation
d. authentication
answer
c. nonrepudiation
question
Which of the following is NOT an essential element of a VPN?
Select one:
a. VPN server
b. VPN client
c. tunnel
d. authentication server
answer
d. authentication server
question
Which of the following is NOT true about a hardware VPN?
Select one:
a. have more security vulnerabilities than software VPNs
b. create a gateway-to-gateway VPN
c. can handle more traffic than software VPNs
d. should be the first choice for fast-growing networks
answer
a. have more security vulnerabilities than software VPNs
question
Which of the following is true about software VPNs?
Select one:
a. best when all router and firewall hardware is the same
b. more cost-effective than hardware VPNs
c. configuration is easy since there is no OS to rely upon
d. usually less flexible than hardware VPNs
answer
b. more cost-effective than hardware VPNs
question
Which of the following is true about SSL?
Select one:
a. it uses sockets to communicate between client and server
b. it operates at the Data Link layer
c. it uses shared-key encryption only
d. it uses IPsec to provide authentication
answer
a. it uses sockets to communicate between client and server
question
Which of the following is true about using VPNs?
Select one:
a. can use an existing broadband connection
b. more expensive than leased lines
c. usually higher performance than leased lines
d. not dependent on an ISP
answer
a. can use an existing broadband connection
question
Which VPN protocol is a poor choice for high-performance networks with many hosts due to vulnerabilities in MS-CHAP?
Select one:
a. L2TP
b. PPTP
c. SSL
d. IPsec
answer
b. PPTP
question
Which VPN protocol leverages Web-based applications?
Select one:
a. PPTP
b. SSL
c. L2TP
d. IPsec
answer
b. SSL
question
Which VPN protocol uses UDP port 1701 and does not provide confidentiality and authentication?
Select one:
a. L2TP
b. IPsec
c. PPTP
d. SSL
answer
a. L2TP
question
Which VPN protocol works at Layer 3 and can encrypt the entire TCP/IP packet?
Select one:
a. SSL
b. PPTP
c. IPsec
d. L2TP
answer
c. IPsec
question
Which VPN topology is also known as a hub-and-spoke configuration?
Select one:
a. star
b. partial mesh
c. bus
d. full mesh
answer
a. star
question
What feature of the 13 DNS root servers enables any group of servers to act as a root server?
Select one:
a. broadcast addressing
b. anycast addressing
c. multicast addressing
d. unicast addressing
answer
b. anycast addressing
question
What is a zone transfer?
Select one:
a. copying host file data to another system
b. the movement of e-mail from one domain to another
c. updating a secondary DNS server
d. backing up an SQL data file
answer
c. updating a secondary DNS server
question
What makes IP spoofing possible for computers on the Internet?
Select one:
a. network address translation
b. the lack of authentication
c. the 32-bit address space
d. the DNS hierarchy
answer
b. the lack of authentication
question
What type of attack displays false information masquerading as legitimate data?
Select one:
a. SQL injection
b. phishing
c. buffer overflow
d. Java applet
answer
b. phishing
question
What type of attack exploits a lack of bounds checking on the size of data stored in an array?
Select one:
a. buffer overflow
b. phishing
c. ActiveX control
d. SQL injection
answer
a. buffer overflow
question
What type of attack involves plaintext scripting that affects databases?
Select one:
a. ActiveX control
b. SQL injection
c. phishing
d. Java applet
answer
b. SQL injection
question
What type of DNS configuration prevents internal zone information from being stored on an Internet-accessible server?
Select one:
a. split-DNS architecture
b. anti-phishing DNS
c. read-only zone
d. caching DNS zone
answer
a. split-DNS architecture
question
What type of DNS server is authoritative for a specific domain?
Select one:
a. initial
b. read-only
c. primary
d. secondary
answer
c. primary
question
Which aspect of hardening a Windows Web server allows you to restrict access to the web server based on IP address?
Select one:
a. access control
b. authentication
c. data confidentiality
d. NTFS permissions
answer
a. access control
question
Which of the following is a highly secure public facility in which backbones have interconnected data lines and routers that exchange routing and traffic data?
Select one:
a. ISP
b. NAP
c. NSF
d. POP
answer
b. NAP
question
Which of the following is a top-level digital certificate in the PKI chain?
Select one:
a. DNSSEC resolver
b. trust anchor
c. RRSIG record
d. security-aware resolver
answer
b. trust anchor
question
Which of the following is NOT a recommended security setting for Apache Web servers?
Select one:
a. create Web groups
b. harden the underlying OS
c. disable HTTP traces
d. use the default standard Web page error messages
answer
d. use the default standard Web page error messages
question
Which of the following is NOT a step you should take to prevent attackers from exploiting SQL security holes?
Select one:
a. place the database server in a DMZ
b. limit table access
c. use stored procedures
d. use standard naming conventions
answer
d. use standard naming conventions
question
Which of the following is true about the Internet?
Select one:
a. it is the same as the World Wide Web
b. it was originally built on an extended star topology
c. it was established in the mid-1960s
d. it was developed by a network of banks and businesses
answer
c. it was established in the mid-1960s
question
Which variation on phishing modifies the user's host file to redirect traffic?
Select one:
a. DNS phishing
b. hijacking
c. spear phishing
d. pharming
answer
d. pharming
Haven't found what you need?
Search for quizzes and test answers now
Quizzes.studymoose.com uses cookies. By continuing you agree to our cookie policy
