Assignment
1. All but which one of the following is security vulnerability found in RIP?
a. Broadcasts all data
b. No authentication
c. Travels only 56 hops
d. Subject to route poisoning
2. Which of the following is the main purpose of ICMP?
a. Packet delivery
b. Error detection and correction
c. Logical errors and diagnostics
d. IP packet delivery
3. OSPF operates at which of the following layers of the OSI model?
a. Session
b. Application
c. Transport
d. Network
4. Which of the following statements is true in regard to protocols?
a. IP is a routing protocol, whereas RIP is a routable protocol.
b. OSPF is a routing protocol, whereas IP is a routable protocol.
c. BGP is used as a routable protocol, whereas RIP is a routing protocol.
d. Routable protocols are used to de?ne the best path from point A to point B, while routing protocols are used to transport the data
5. Which of the following is a common application layer attack?
a. Port scanning
b. Malware
c. Session hijack
d. SYN attack
6. When choosing between guards and dogs for physical, which of the following factors must be considered?
a. Liability
b. Discernment
c. Dual role
d. Multifunction
7. Which of the following biometric authentication methods is most frequently found on laptops?
a. Retina
b. Fingerprint
c. Iris
d. Voice recognition
8. Which of the following lock grades should be selected in order to appropriately protect critical business assets?
a. Grade 4
b. Grade 2
c. Grade 1
d. Grade 3
9. CCTV can be used as which of the following type of tools?
a. Detective only
b. Preventive only
c. Detective and reactive
d. Reactive and preventative
10. Focal length defines which of the following camera qualities?
a. Degree of granularity
b. Ability to zoom
c. Scope of color
d. Horizontal and vertical view
11. Which of the following describes penetration testing as a four-step process?
a. HIPAA
b. NIST 800-42
c. FISMA
d. NIST 800-37
12. Which of the following is a corporate governance law that affects public corporations' financial reporting?
a. SOX
b. HIPAA
c. FISMA
d. NIST 800-53
13. Which of the following statements is most accurate in regard to successful security professionals?
a. Once certified, they are current for as long as they practice
b. They must have at minimum a masters level college degree
c. They commit to lifelong learning
d. They only need to know general terms of technology
14. Which of the following terms best describes hackers that occupy the lowest level of the hacker hierarchy?
a. Script kiddies
b. White-hathackers
c. Gray-hathackers
d. Black-hathackers
15. Which of the following controls take the form of software or hardware such as firewalls, proxies, and intrusion detection systems?
a. Administrative
b. Technical
c. Physical
d. Logical
16. In order to locate domain information on a Canadian organization, which of the following Regional Internet Registries would be checked first?
a. LACNIC
b. APNIC
c. RIPE
d. ARIN
17. Which of the following databases would be valuable for obtaining information about a company's financial history?
a. Internet Assigned Numbers Authority (IANA)
b. Wayback Machine
c. EDGAR
d. Whois
18. Which of the following is most likely to provide a wealth of publicly posted information about an organization's employees?
a. E-mail
b. Social networking sites
c. The organization's intranet
d. User group forums
19. In order to locate domain information on a European organization, which of the following Regional Internet Registries would be checked first?
a. LACNIC
b. APNIC
c. RIPE
d. ARIN
20. Which of the following best describes the purpose of the in title command?
a. Instructs Google to search for a term within the title of a document
b. Instructs Google to ignore words in the title of a specific document
c. Instructs Google to look in the URL of a specific site
d. Instructs Google to search a specific URL
21. Which of the following is a tool used for network mapping?
a. Superscan
b. Cheops
c. THC-Scan
d. Kismet
22. Which of the following ports does SSH operate on?
a. 20
b. 22
c. 80
d. 110
23. Which of the following is a tool used for wardriving?
a. Superscan
b. Cheops
c. THC-Scan
d. Kismet
24. Which of the following best describes the SYN flag?
a. Synchronize sequence number **a - 144
b. Acknowledgement of sequence number
c. Final data flag used during the four-step shutdown
d. Reset bit used to close an abnormal connection
25. Modems can be located by conducting what type of attack?
a. Wardialing
b. Wardriving
c. Pinging
d. Port scans
26. Which of the following is a commonly used hashing algorithm?
a.DES
b.MD5
c.AES
d. Twofish
27. Which of the following is a cipher commonly known as a key shift cipher?
a. Vernam
b. Caesar
c. Concealment
d. Vigenere
28. Key management includes all but which one of the following processes?
a. Generation
b. Storage
c. Destruction
d. Layering
29. Which of following methods is best suited in a situation where bulk encryption is required?
a.RSA
b.ECC
c.DES
d.MD5
30. Which of the following terms best describes the main principle behind PKI?
a. Hashing
b. Established trust
c. Nonreputation
d. Availability.