Chapter 11 Lab Manual Review Questions and Answers

Security+ Guide to Network Security, Second Edition
Lab Manual Solutions 11- 1
Lab 11.1
1. Which of the following defines and describes acceptable methods of connecting to an internal network from an outside source?
a. remote access
b. information protection
c. perimeter security
d. acceptable use
e. none of the above
2. Which of the following defines and describes how physical security is maintained?
a. remote access
b. information protection
c. perimeter security
d. acceptable use
e. none of the above
3. Arrange the following incident response categories in their proper order of completion in response to a virus incident.
a. Identify the problem.
b. Isolate the system.
c. Notify the necessary people.
The proper order is (b, c, a).
4. Which of the following is a level 1 security incident?
a. sharing of user accounts
b. computer virus infection
c. employee termination
d. abuse of access privileges
5. Which of the following is a level 3 security incident?
a. sharing of user accounts
b. computer virus infection
c. employee termination
d. abuse of access privileges
Lab 11.2
1. Policies have the greatest effect on _________.
a. managers
b. users
c. IT staff
d. auditors
2. Categorize each of the following as either “M” (what policies must do) or “S” (what policies should do).
a. Describe what is covered by the policies.
b. State why the policy is needed.
c. Be implemented and enforceable.
d. Define contacts and responsibilities.
e. Be concise and easy to understand.
f. Balance protection with productivity.
g. Discuss how violations will be handled.
a. (S), b. (M), c. (M), d. (S), e. (M), f. (M), g. (S)
3. You must have management support to be able to implement a security policy. True or False?
4. Who should serve on a security committee to determine security policy requirements?
a. management
b. IT staff
c. users
d. all of the above
5. Which of the following are reasons for resistance to security policies? (Choose all that apply.)
a. Employees do not like change.
b. Security policies are illegal.
c. Employees fear being spied on.
d. all of the above
Lab 11.3
1. Arrange the following in their proper order within the forensic process.
a. analysis
b. collection
c. examination
d. preparation
e. documentation
The correct order is d, b, c, a, e.
2. In network forensics, it is essential to keep track of the chain of custody when handling evidence. True or False?
3. When responding to an incident, you should do which of the following?
a. Examine log files.
b. Look for sniffers.
c. Look for remote control programs.
d. Look for file sharing programs.
e. all of the above
4. If you are under attack from a hacker, what should you do first?
a. Observe the attacker.
b. Chase the attacker away.
c. Back up the system.
d. Catch the attacker.
5. If you want to prosecute an attacker, you should contact legal counsel immediately. True or False?
6. What is the primary reason that most computer crimes go unpunished?
a. lack of education
b. privacy issues
c. lack of resources
d. none of the above
7. A(n) _________ attack occurs when an attacker impersonates another system by using its IP address.
a. DDoS
b. IP spoofing
c. IP splicing
d. IP tampering
8. A(n) _________ attack occurs when an attacker denies legitimate users access to a system.
a. DDoS
b. IP spoofing
c. IP splicing
d. IP tampering
9. A(n) _________ attack occurs when an attacker hijacks an active session.
a. DDoS
b. IP spoofing
c. IP splicing
d. IP tampering
10. Which of the following is the first step of risk management?
a. monitoring
b. evaluation of control
c. management
d. threat assessment
e. inventory
11. In which of the following stages of risk management is a vulnerability list created?
a. monitoring
b. evaluation of control
c. management
d. threat assessment
e. inventory
12. Which of the following stages of risk management is ongoing as the process evolves?
a. monitoring
b. evaluation of control
c. management
d. threat assessment
e. inventory
13. In what area of security management do you use an intrusion detection system (IDS)?
a. Security Technology Management
b. Vulnerability Management
c. Systems Availability
14. In what area of security management do you maintain a library of attack signatures?
a. Security Technology Management
b. Vulnerability Management
c. Exploitation Management
d. Systems Availability
15. Who is typically responsible for overseeing the risk management process?
a. IT manager
b. chief executive officer
c. chief financial officer
d. chief security officer