Security+ Certification Questions
Chapter 6: Host Hardening

Identify non-essential services and protocols and know what actions to take to reduce the risks of those services and protocols (3 questions)

QUESTION NO: 1
Which of the following represents the best method for securing a web browser?
A. Do not upgrade, as new versions tend to have more security flaws.
B. Disable any unused features of the web browser.
C. Connect to the Internet using only a VPN (Virtual Private Network) connection.
D. Implement a filtering policy for illegal, unknown and undesirable sites.
Answer: B
Explanation:
Features that make web surfing more exciting, like ActiveX, Java, JavaScript, CGI scripts, and cookies, all pose security concerns. Disabling them (which is as easy as setting your browser security level to High) is the best method of securing a web browser, since it's simple, secure, and within every user's reach.
Incorrect answers:
A: Newer versions are expected to be better than their predecessors. However, this is not the best method to secure a web browser.
C: VPN tunnels through the Internet to establish a link between two remote private networks. However, these connections are not considered secure unless a tunneling protocol, such as PPTP, and an encryption protocol, such as IPSec, are used.
D: This does not represent the best method for securing a web browser.

QUESTION NO: 2
How many ports in TCP/IP (Transmission Control Protocol/Internet Protocol) are vulnerable to being scanned, exploited, or attacked?
A. 32
B. 1,024
C. 65,535
D. 16,777,216
Answer: C
Explanation:
Internet Control Message Protocol (ICMP) abuse and port scans represent known attack signatures. The Ping utility uses ICMP and is often used as a probing utility prior to an attack or may be the attack itself. If a host is being bombarded with ICMP echo requests or other ICMP traffic, this behavior should set off the IDS.
Port scans are a more devious form of attack/reconnaissance used to discover information about a system. Port scanning is not an attack but is often a precursor to such activity. Port scans can be sequential, starting with port 1 and scanning to port 65535, or random. A knowledge-based IDS should recognize either type of scan and send an alert.

MIS 4850 Systems Security 106759666 Page 1 of 4

QUESTION NO: 3
Which of the following ports does a DNS (Domain Name Service) server require?
A. 21
B. 23
C. 53
D. 55
Answer: C
Explanation:
Port 53 is used for Domain Name System (DNS) name queries.
Incorrect answers:
A: Ports 20 and 21 are associated with FTP, where 20 is used for file transfer data and 21 for command and control data.
B: Telnet uses port 23.
D: DHCP makes use of port 55.

QUESTION NO: 4
For security purposes, which of the following should be implemented after installing a new operating system?
A. Create application user accounts.
B. Rename the guest account.
C. Rename the administrator account, disable the guest accounts.
D. Create a secure administrator account.
Answer: C
Explanation:
Renaming the administrator account and disabling the guest account will reduce the risk of a computer being attacked, because administrator accounts typically have full rights to all network resources.
Incorrect answers:
A: This can be done after the application has been installed.
B: The guest account is not as vulnerable or exploitable as an administrator account.
D: A secure administrator account is still an administrator account that can be exploited if it is not renamed after installing a new operating system.

QUESTION NO: 9
Which of the following can limit exposure and vulnerability exposed by port scans?
A. Disable the ability to remotely scan the registry.
B. Leave all processes running for possible future use.
C. Close all programs or processes that use a UDP (User Datagram Protocol) or TCP (Transmission Control Protocol) port.
D. Uninstall or disable any programs or processes that are not needed for the proper use of the server.

Leading the way in IT testing and certification tools, www.testking.in - 184

Answer: D
Explanation:
Hackers perform port scans to find out which of the 65,535 ports are being used, in the hope of finding an application with a vulnerability. By uninstalling and disabling any programs or processes that aren't really necessary, one greatly reduces the likelihood of an attack.
Incorrect answers:
A, B and C: Disabling all the unnecessary programs and processes is the best way of safeguarding yourself against vulnerabilities that can be exploited via port scans.

QUESTION NO: 10
Which of the following represents an advantage of using the NTFS file system over the FAT16 and FAT32 file systems?
A. Integral support for streaming audio files.
B. Integral support for UNIX compatibility.
C. Integral support for dual-booting with Red Hat Linux.
D. Integral support for file and folder level permissions.
Answer: D
Explanation:
NTFS was introduced with Windows NT to address security problems. With NTFS, files, directories, and volumes can each have their own security.
Incorrect answers:
A, B and C: Unlike any of the FAT file systems, NTFS supports file- and folder-level permissions. FAT file systems provide complete access locally to the entire FAT partition. Network access can be achieved regardless of the file system used; therefore, answer B is incorrect. Support for multiple operating systems is not a feature of NTFS over FAT file systems; therefore, answer C is incorrect. Streaming video is not a function of the type of file system; therefore, answer A is incorrect.

QUESTION NO: 12
Which of the following can help secure DNS (Domain Name Service) information?
A. Block all unnecessary traffic by using port filtering.
B. Prevent unauthorized zone transfers.
C. Require password changes every 30 days.
D. Change the default password.
Answer: B
Explanation:
A DNS zone is an area in the DNS hierarchy that is managed as a single unit. If a domain name server allows zone transfer, it will allow another DNS server (one from a different domain) to access its DNS library of IP addresses and names, which could fall into hackers' hands if they were to pose as a DNS server.
Incorrect answers:
A: Blocking all unnecessary traffic will not help secure DNS information.
C: Password changes are not meant to secure DNS information.
D: The default password, whether changed or not, will not secure DNS information.

QUESTION NO: 18
What should be a system administrator's line of action when a patch is released for a server?
A. Immediately download and install the patch.
B. Test the patch on a non-production server then install the patch to production.
C. Not install the patch unless there is a current need.
D. Install the patch and then back up the production server.
Answer: B
Explanation:
Software patches are good for network security, because they are developed to fix known vulnerabilities. So even if everything's operating normally, a patch is still very beneficial. When you patch an operating system, there's always a risk that something can go wrong which can compromise your data and server operation. It would be wise to back up your data BEFORE installing a patch, and it would also be wise to test the patch on your least important servers first.
Incorrect answers:
A: This is not advisable because the patch could be a backdoor attack.
C: This is not what a patch is meant for. A patch could be useful.
D: Backing up after installing the patch is foolhardy.

QUESTION NO: 19
When disabling services to harden a machine against external attacks, what process should be followed?
A. Disable services such as DHCP (Dynamic Host Configuration Protocol) client and print servers from servers that do not use/serve those functions.
B. Disable one unnecessary service after another, while reviewing the effects of the previous action.
C. Research the services and their dependencies before disabling any default services.
D. Disable services not directly related to financial operations.
Answer: C
Explanation:
Platform hardening procedures can be categorized into three basic areas:
* The first area to address is removing unused software and processes from the workstations. The services and processes may create opportunities for exploitation.
* The second area involves ensuring that all services and applications are up-to-date and configured in the most secure manner allowed. This may include assigning passwords, limiting access, and restricting capabilities.
* The third area to address involves the minimization of information dissemination about the operating system, services, and capabilities of the system.
Basically, this means doing some research on the services and their dependencies for your system.
Incorrect answers:
A: DHCP is meant to assign IP addresses and should not be disabled.
B: This does not mean that you will be protected against external attacks. This is only disabling any service as this option suggests.
D: This would be irrelevant as this option suggests that you do actually put financial operations at risk.