Review Questions
The answers to the Chapter Review Questions can be found in Appendix A.
1. Which component of physical security addresses outer-level access control?
A. Perimeter security
B. Mantraps
C. Security zones
D. Strong passwords
2. Which technology uses a physical characteristic to establish identity?
A. Biometrics
B. Surveillance
C. Smart card
D. CHAP authenticator
3. As part of your training program, you’re trying to educate users on the importance of security. You explain to them that not every attack depends on implementing advanced technological methods. Some attacks, you explain, take advantage of human shortcomings to gain access that should otherwise be denied. What term do you use to describe attacks of this type?
A. Social engineering
B. IDS system
C. Perimeter security
D. Biometrics
4. You’re in the process of securing the IT infrastructure by adding fingerprint scanners to your existing authentication methods. This type of security is an example of which of the following?
A. Access control
B. Physical barriers
C. Biometrics
D. Softening
5. Which type of attack denies authorized users access to network resources?
A. DoS
B. Worm
C. Logic bomb
D. Social engineering
6. As the security administrator for your organization, you must be aware of all types of attacks that can occur and plan for them. Which type of attack uses more than one computer to attack the victim?
A. DoS
B. DDoS
C. Worm
D. UDP attack
7. A server in your network has a program running on it that bypasses authentication. Which type of attack has occurred?
A. DoS
B. DDoS
C. Back door
D. Social engineering
8. You’ve discovered that an expired certificate is being used repeatedly to gain logon privileges. Which type of attack is this most likely to be?
A. Man-in-the-middle attack
B. Back door attack
C. Replay attack
D. TCP/IP hijacking
9. A junior administrator comes to you in a panic. After looking at the log files, he has become convinced that an attacker is attempting to use a duplicate IP address to replace another system in the network to gain access. Which type of attack is this?
A. Man-in-the-middle attack
B. Back door attack
C. Worm
D. TCP/IP hijacking
10. Which of the following is different from a virus in that it can reproduce itself, it’s self-contained, and it doesn’t need a host application to be transported?
A. Worm
B. Smurf
C. Phish
D. Trojan
11. A smurf attack attempts to use a broadcast ping on a network; the return address of the ping may be that of a valid system in your network. Which protocol does a smurf attack use to conduct the attack?
A. TCP
B. IP
C. UDP
D. ICMP
12. Your system log files report an ongoing attempt to gain access to a single account. This attempt has been unsuccessful to this point. What type of attack are you most likely experiencing?
A. Password-guessing attack
B. Back door attack
C. Worm attack
D. TCP/IP hijacking
13. One of the vice presidents of the company calls a meeting with the information technology department after a recent trip to competitors’ sites. She reports that many of the companies she visited granted access to their buildings only after fingerprint scans, and she wants similar technology employed at this company. Of the following, which technology relies on a physical attribute of the user for authentication?
A. Smart card
B. Biometrics
C. Mutual authentication
D. Tokens
14. Your company provides medical data to doctors from a worldwide database. Because of the sensitive nature of the data you work with, it’s imperative that authentication be established on each session and be valid only for that session. Which of the following authentication methods provides credentials that are valid only during a single session?
A. Tokens
B. Certificate
C. Smart card
D. Kerberos
15. Your help desk has informed you that they received an urgent call from the vice president last night requesting his logon ID and password. When talking with the VP today, he says he never made that call. What type of attack is this?
A. Spoofing
B. Replay attack
C. Social engineering
D. Trojan horse
16. Internal users suspect repeated attempts to infect their systems as reported to them by pop-up messages from their virus-scanning software. According to the pop-up messages, the virus seems to be the same in every case. What is the most likely culprit?
A. A server is acting as a carrier for a virus.
B. You have a caterpillar virus.
C. Your antivirus software has malfunctioned.
D. A DoS attack is under way.
17. You’re working late one night, and you notice that the hard disk on your new computer is very active even though you aren’t doing anything on the computer and it isn’t connected to the Internet. What is the most likely suspect?
A. A disk failure is imminent.
B. A virus is spreading in your system.
C. Your system is under a DoS attack.
D. TCP/IP hijacking is being attempted.
18. You’re the administrator for a large bottling company. At the end of each month, you routinely view all logs and look for discrepancies. This month, your email system error log reports a large number of unsuccessful attempts to log on. It’s apparent that the email server is being targeted. Which type of attack is most likely occurring?
A. Software exploitation attack
B. Backdoor attack
C. Worm
D. TCP/IP hijacking
19. Upper management has decreed that a firewall must be put in place immediately, before your site suffers an attack similar to one that struck a sister company. Responding to this order, your boss instructs you to implement a packet filter by the end of the week. A packet filter performs which function?
A. Prevents unauthorized packets from entering the network
B. Allows all packets to leave the network
C. Allows all packets to enter the network
D. Eliminates collisions in the network
20. Which media is susceptible to viruses?
A. Tape
B. Memory stick
C. CD-R
D. All of the above