For the following quiz questions:
· MA indicates the question has multiple correct answers
· MC indicates the question has a single best correct answer
Quiz 5:
MC Q5.1 Which of the following is only able to replicate itself by embedding itself in files or disk master boot blocks?
A. Worm
B. Virus
C. Trojan horse
D. Spyware
MA Q5.2 Which of the following will alert the message recipient that a received message may have been modified prior to reception? (Select all that apply)
A. The keyed message digest has been altered
B. The message received appears to be cipher-text
C. The message received included a message digest that matches the message clear-text
D. The digital signature cannot be verified
E. The public key has been altered
MA Q5.3 Select all statements that correctly describe IP Security (IPsec). (Select all that apply)
A. IPsec makes use of asymmetric encryption (public/private key encryption).
B. IPsec makes use of symmetric (shared) keys for encryption.
C. IPsec can make use of tunneling, whereby one IP packet is placed into the payload of another IP packet.
D. For a network to use IPsec, all of the applications and the devices on the network must be configured to use IPsec.
E. IPsec can only be used on networks running IPv6.
MC Q5.4 The image below illustrates a sample Demilitarized Zone (DMZ) configuration for an organization. View the image, then follow the subsequent instructions.
Assuming that this DMZ has been configured correctly, select the statement that most correctly describes this configuration.
A. For security, the HTTP server should be prevented from communicating with the SSH server.
B. Node A is accessible from the Internet, but Node B is not.
C. The only services accessible from the Internet are those provided by the SSH server, the FTP server and the HTTP server.
D. Both Node A and Node B are accessible from the Internet.
E. For security, Node A and Node B should be prevented from communicating with the HTTP server or the SSH server.
MC Q5.5 Which of the following are used to create a digital signature?
A. Sender's private key and a cryptographically secure hash algorithm
B. Sender's public key and a cryptographically secure hash algorithm
C. Receiver's private key and a cryptographically secure hash algorithm
D. Receiver's public key and a cryptographically secure hash algorithm
MA Q5.6 Which of the following statements correctly describe network packet filtering at the IP layer? (Select all that apply)
A. Most IP Packet filtering firewalls determine what packets to filter based upon a set of rules which can be configured for a particular network or host.
B. IP packet filtering determines which IP packets may flow into or out of a network or a computer.
C. Most IP packet filtering firewalls determine what to filter based upon the IP header fields.
D. IP packet filtering may either be applied to the perimeter of a network, or to individual hosts within a network, but it cannot be applied to both at the same time.
MA Q5.7 Which of the following statements are correct regarding operating systems that include Role Based Access Control (RBAC)? (Select all that apply)
A. The operating system may provide built-in roles such as: Primary Administrator, System Administrator and Operator.
B. Embedded (Real-time) operating systems provide RBOC.
C. Windows operating systems provide RBOC.
D. Most Linux systems provide RBAC by default.
MA Q5.8 Which of the following are major sources of vulnerabilities when developing software? (Select all that apply)
A. Use of an object oriented design process
B. Lack of comprehensive unit and integration testing
C. Shared function/subroutine libraries
D. Static function/subroutine libraries
E. Insufficient exception handling
MA Q5.9 Which of the following are correct regarding Windows processing of Access Control Lists (ACLs)? (Select all that apply)
A. Windows ACL entries include Access Tokens
B. If there is no ACL associated with the object then any process can access the object
C. ACL entries are checked against the SID of the process until a match is found or the end of the ACL is reached
D. If the ACL associated with an object exists but does not contain any entries then access is granted
MC Q5.10 The primary purpose of the Windows registry is to maintain ______. (Select the answer that correctly fills in the blank space in the preceding sentence.)
A. Sender's private key and a cryptographically secure hash algorithm
B. Sender's public key and a cryptographically secure hash algorithm
C. Receiver's private key and a cryptographically secure hash algorithm
D. Receiver's public key and a cryptographically secure hash algorithm
MA Q5.11 Which of the following statements are correct regarding security on Windows operating systems? (Select all that apply)
A. When a user account is assigned to a group, that user account inherits the permissions which are assigned to that group.
B. Windows based security supports discretionary access control.
C. A security descriptor is copied into each process executed by a user, and uniquely identifies both the user and the user's privileges.
D. Access tokens are associated to objects, and enable the object's owner to determine which users and groups are allowed to access the object.
MA Q5.12 Which of the following statements are correct regarding application-level gateways? (Select all that apply)
A. One common type of application-level gateway is an HTTP proxy.
B. Application-level gateways usually filter application specific traffic.
C. Application-level gateways are difficult to deploy, because in addition to acting as a standard IP firewall, they must monitor a host of specific application protocols.
D. Application-level gateways require additional processing overhead when compared to an application using a direct TCP connection.
MA Q5.13 Which of the following statements are correct regarding user accounts on UNIX based systems? (Select all that apply)
A. UNIX based systems support the ability to group user accounts, and to assign access control permissions to those groups.
B. Passwords are located in the /etc/shadow file on legacy UNIX systems, but have been relocated to the /etc/passwd file on modern UNIX systems, so that the entries are more secure.
C. Only the superuser has the ability to decrypt a user account's password.
D. The /etc/shadow file is only readable by the superuser.
MA Q5.14 The IPsec Authentication Header (AH) security protocol protects different parts of the information transmitted by an element depending on whether transport or tunnel mode is used. Which of the following correctly identify those parts protected by AH for the specified mode? (Check all that are correct)
A. In tunnel mode, AH protects all fields of the AH header, inner IP header and payload.
B. In tunnel mode, AH protects all fields of the inner IP header, but not the inner IP payload.
C. In transport mode, AH protects all fields in the outer IP header, the inner IP header, and the inner IP payload.
D. In tunnel mode, AH protects all fields in the outer IP header, the inner IP header, and the inner IP payload.
E. In transport mode, there is no use of an inner IP packet, so AH protects the non-mutable fields in the IP header, the AH header and payload.
MC Q5.15 Which of the following statements is correct regarding third-party access to an organization's equipment and applications?
A. Third-parties cannot realistically be required to adhere to an organization's security policies and procedures while accessing the organization's equipment and applications.
B. Third-party access to an organization's equipment and applications always presents unacceptable security risks, and should be disallowed.
C. Third-party access to equipment and applications should always require authentication and authorization.
D. Authentication and authorization of a third-party to access an organization's equipment and applications should be transferable and discretionary, in the event that the third-party needs another third party to gain access.
MA Q5.16 The IPsec Encapsulating Security Payload (ESP) security protocol protects different parts of the information transmitted by an element depending on whether transport or tunnel mode is used. Which of the following correctly identify those parts protected by ESP for the specified mode? (Check all that are correct)
A. tunnel mode: all fields of the outer IP header, the ESP header, inner IP header and payload
B. transport mode: the ESP header and the payload
C. tunnel mode: the ESP header, the inner IP header and payload
D. transport mode: all fields in the IP header and payload
MA Q5.17 Which of the following make access control decisions based on application protocol message contents? (Select all that apply)
A. Intrusion Detection Systems (IDS)
B. Intrusion Prevention Systems (IPS)
C. Application-Level gateways
D. Stateful packet filtering firewalls
E. Packet filtering firewalls
F. Application Proxies
MA Q5.18 Key management includes which of the following activity areas? (Select all that apply)
A. Key generation
B. Encryption algorithm selection.
C. Key usage
D. Key distribution
E. Key replacement
F. Key destruction
MA Q5.19 Which of the following are vulnerabilities in the use of HTTP with web sites? (Select all that apply)
A. Tracking cookies
B. HTTP Digest Access Authentication
C. Cross-site scripting
D. Rejecting the receipt of 3rd party cookies
MA Q5.20 Which of the following are considered IP packet authorization and access control architecture mechanisms used to protect networks? (Select all that apply)
A. Screened host
B. Screened subnet or Bastion Host
C. NAT gateway
D. DMZ