6/8/2015

Module 3 Post Test

Youareloggedinascleorbetesantos(Logout)

QUIZNAVIGATION

AWR138WNetworkAssurance

10 11 12

13 14 15 16 17 18
19 20 21 22 23 24
25 26 27

Myhome AWR138W:June1November28 General Module3PostTest

Startedon
State
Completedon
Timetaken

Question1
Incorrect
0.00pointsoutof
1.00
Flagquestion

Monday,June8,2015,1:56PM

Showonepageatatime
Finishreview

Finished
Monday,June8,2015,2:24PM
27mins49secs

Points

14.67/27.00

Grade

54.32outof100.00

Whenconsideringmethodstoprotectyourenduserfrommaliciousattackswhen
usingInternetVoiceservicessuchasSkype,whatisagoodrecommendationto
follow?
Selectone:
a.Monitoringthevoiceconversationsofallemployeesusingskype,and
listeningforanysuspiciousbehavior.
b.SetallsettingsinSkypetotheirdefault,factoryrecommendedsettings.
c.Toconsiderofferingyourendusersalegitimateandeasytouse
alternativetoSkype.
d.AlltheabovearegoodrecommendationsforprotectingIPbasedvoice
services.

Question2
Correct
1.00pointsoutof
1.00
Flagquestion

Acentralizeduserdatabasecanbeusedtoallownetworkusebyfirstidentifying
theuser,andthenbyensuringthat(s)hehastheaccessrightstousenetworking
resources.Whatisitcalledwhenthesystemidentifiesauser?
Selectone:
a.Accessibility
b.Authentication
c.Authorization
d.Accounting

Question3
Incorrect
0.00pointsoutof
1.00
Flagquestion

WhichoneofthefollowingisNOTareasonwhyperimeterdefenses(firewall,
antivirus,etc.)areinsufficientprotectionfordesktopcomputers?(Selectthebest
answer)
Selectone:
a.Somewormsarecapableofdefeatingfirewalls.
b.Malwarecanbedownloadedbyunsuspectingusers,bypassingperimeter
defenses.
c.Employeesmaytransmitmalwarefromoutsidenetworks(i.e.home)via
portablestoragedevices.
d.Usersmaybeluredtodangeroussites,causingtheirbrowserstobe
exploitedandmalwaretobeinstalled.

Question4
Incorrect

Whyislivestreamingvideocontentdifficultforanetworkadministratortodeal
with?

0.00pointsoutof
1.00

Selectone:

Flagquestion

a.ThecontentusesstandardTCPportssuchas80and443.
b.ThecontentconsistentlycomesfromoneortwosourcesontheInternet.
c.Multicastingconfigurationsarecompletelyineffectivewhendealingwith
streamingcontent.
d.Alltheabovearereasonsstreamingcontentisdifficulttoworkwith.

Question5

Whichofthefollowingisanexampleofatechnologicalcontrolthatcanbeused

https://elearning.teex.com/mod/quiz/review.php?attempt=366422

1/5

6/8/2015

Module 3 Post Test

Incorrect

specificallytoprotectdesktopcomputers?

0.00pointsoutof
1.00

Selectone:

Flagquestion

a.Emailblacklists
b.Publickeycryptography
c.Webfilters
d.Separationofduties

Question6

Whatisthegoalofthepracticeknownas"separationofduties"?

Correct
1.00pointsoutof
1.00
Flagquestion

Selectone:
a.Topreventoutsiderattacks.
b.Tooptimizeworkflowandminimizeerrors.
c.Topreventinsiderabuse/attacksbyhighrankingorwellplacedindividuals.
d.Toensurecompliancewithlawsandregulations.

Question7
Incorrect
0.00pointsoutof
1.00
Flagquestion

Themoderndaynetworkadministratorisnolongerabletopreventorratelimita
fewsinglesourcesbutratherhastonowjustlearntodealwiththeexpected
behaviorofcomputerusersandbuildsystemsresilientenoughtodealwiththe
_____________concerns.
Selectone:
a.Inappropriatecontent
b.Bandwidth
c.Storagespace
d.Potentialcyberattack

Question8
Incorrect

Whichtype(s)ofAcceptableUsePolicy(ies)is/areappropriatetohaveinan
organization?

0.00pointsoutof
1.00

Selectone:

Flagquestion

a.IndividualAUPsforcomputeruse,Internetaccessandemailuse.
b.IndividualizedAUPsthataretailoredforeachtypeofuser.
c.AunifiedAUPthataddressescomputeruse,Internetaccessandemail
use.
d.BothAandC.

Question9
Correct
1.00pointsoutof
1.00
Flagquestion

Regardingrouters,atraffic________isaunidirectionalcollectionofpackets
whereeachpacketheadersharesthesameexactvaluesasothersforseven
keys,suchassourceIPaddress,destinationIPaddress,sourceport,andso
forth.
Selectone:
a.Bank
b.Flow
c.Path
d.Log

Question10
Incorrect
0.00pointsoutof
1.00
Flagquestion

Whichofthefollowingpoliciescanimprovetheoverallsecurityofdesktop
computerswithinanorganization,withminimaldisruptiontonormaloperations?
(Choosethebestanswer)
Selectone:
a.Restrictingcomputeraccesstouppermanagement
b.DisallowinguseofportableUSBstoragedevices
c.Restrictingemailusetobusinessactivities(i.e.noemailforpersonal
uses)
d.Changingoperatingsystems

Question11
Correct

Whichthreeofthefollowingareprimarymotivationsinthecreationofan
AcceptableUsePolicy?

https://elearning.teex.com/mod/quiz/review.php?attempt=366422

2/5

6/8/2015

Module 3 Post Test

1.00pointsoutof
1.00
Flagquestion

Selectoneormore:
a.Protectionoftheorganization'sassets.
b.Protectionoftheorganization'sauditingpractices.
c.Protectionoftheorganization'spersonnel.
d.Protectionoftheorganization'sreputationandlegalstanding.

Question12
Correct
1.00pointsoutof
1.00
Flagquestion

Theprinciplereasonthatapplicationscommonlyusedtocarryonrealtime
communicationspresentasecurityrisktotheorganizationisbecausethese
applicationsusually_____________________.
Selectone:
a.Useproprietarynetworkchannels
b.Aren'taffectedbyantivirussoftware
c.Traversefirewalls
d.Bypassrouters

Question13

DHCP'srelianceuponUDPleavesitopentowhatkindofattack?

Incorrect
0.00pointsoutof
1.00
Flagquestion

Selectone:
a.Stacksmashing
b.Shouldersurfing
c.ManintheMiddle(MiM)
d.DenialofService(DoS)

Question14
Correct
1.00pointsoutof
1.00
Flagquestion

TheideabehindrolebasedIPaddressingisthatanetworkcanbedividedinto
separate________sothatgenericAccessControlListscanbeappliedtothe
devicesthatwilleitherallowordenytrafficwithouttheneedforindividualrulesto
beappliedtospecifichosts.
Selectone:
a.Trafficflows
b.Subnets
c.Protocols
d.AccessControlLists

Question15
Incorrect

Whenitcomestosecuringwebservers,whichoneofthefollowingisNOTa
usefulmethod?

0.00pointsoutof
1.00

Selectone:

Flagquestion

a.Keepservers,operatingsystems,applications,interpreters,etc.uptodate.
b.Ensureinputvalidationbyutilizingregularexpressionsorprogramming
rulesinwebapplications.
c.AvoidtheuseofasessionIDinwebsitecookiessothathackerscannot
exploitthem.
d.DonotallowHTMLtobesubmittedasuserinputtoyourwebsite.

Question16
Correct

Regardingrouters,whichplaneofoperationisresponsibleforaccessing,
monitoring,andconfiguringthedevice?

1.00pointsoutof
1.00

Selectone:

Flagquestion

a.Dataplane
b.Administrationplane
c.Controlplane
d.Managementplane

Question17
Correct

Whatisthetermforadocumentthathasbeenapprovedbyuppermanagement
andpublishedbyanorganization,outliningnewinternalrulesandregulations?

1.00pointsoutof
1.00

Selectone:

Flagquestion

a.Anedict
b.Aprocedure
c.Apolicy

https://elearning.teex.com/mod/quiz/review.php?attempt=366422

3/5

6/8/2015

Module 3 Post Test

d.Adirective

Question18
Partiallycorrect
0.67pointsoutof
1.00

AttackerstypicallytrytodiscoversessionIDsforreasonsthatarefairlyobvious:
onceanattackerdiscoversasessionID,(s)hecansuccessfullyposeasthat
user.AttackersfrequentlytrytodiscoversessionIDsbyusingwhichthreeofthe
followingtactics:

Flagquestion

Selectoneormore:
a.Packetsniffing
b.Crosssitescripting
c.ManInTheMiddle
d.Bruteforce(i.e.guessingofthesessionID)

Question19
Correct
1.00pointsoutof
1.00
Flagquestion

Thedatacontainedwithinadatabasemaybevulnerableintwodifferentways:
attackerscouldtakeadvantageoftraditionalvulnerabilities(ex:softwaredefects)
or________vulnerabilities(ex:inference).
Selectone:
a.Networklevel
b.Arcane
c.Logical
d.Transportlevel

Question20

Whenitcomestosecuringfileservers,anattacksurfaceis________.

Correct
1.00pointsoutof
1.00

Selectone:
a.Allthewaysinwhichvulnerabilitiesofaparticularsystemcanbeexploited

Flagquestion

b.Adedicatedsystemthathasbeenattacked
c.Thelevelofphysicalsecuritythatanorganizationlacks
d.Aseriesofattacksthatattempttoaltertherecordcachemaintainedby
servers

Question21
Incorrect
0.00pointsoutof
1.00
Flagquestion

Regardingnetworksecurity,________filteringprotectsanetworkfrominvalidor
potentiallymaliciousincomingtraffic(originatingfromoutsidethenetwork)by
blockingthistrafficwhenitentersthenetwork.
Selectone:
a.Progress
b.Egress
c.Process
d.Ingress

Question22
Incorrect

WhichoneofthefollowingdoesNOTpresentsecurityproblemsforDNS
servers?

0.00pointsoutof
1.00

Selectone:

Flagquestion

a.Unlimitedzonetransfers
b.Cachepoisoning
c.Wardriving
d.TheuseofcryptographyinDNSSEC

Question23
Correct

WhichofthesemeasuresisNOTrecommendedforlimitingdamagefrom
insiders?

1.00pointsoutof
1.00

Selectone:

Flagquestion

a.FrequentUpdatingofSystems
b.Limitingcomputingpermissions/privileges("Administrator"rights)
c.FilteringemployeeInternetaccess
d.DisablingJavaScript,ActiveX,andFlashonwebbrowsers

https://elearning.teex.com/mod/quiz/review.php?attempt=366422

4/5

6/8/2015

Module 3 Post Test

Question24
Correct

Whatwouldbethesinglemostimportantconsiderationwhenconsideringacloud
serviceprovider?

1.00pointsoutof
1.00

Selectone:

Flagquestion

a.Theabilityofthecloudprovidertooffermoreincentivestosignacontract
b.Theabilityforthecloudprovidertoreducethepriceoftheirofferingby
sharingserviceswithothercustomers.
c.Theabilityforthecloudprovidertoguaranteeuptimeforyourapplication
d.Theamountoftrustyouhaveintheserviceprovider.

Question25

HowdoPOPandIMAPdifferinregardstotheintegrityofemailmessages?

Correct
1.00pointsoutof
1.00
Flagquestion

Selectone:
a.POPstoresemailmessagesonthestoragefacilityanddownloadscopies,
whileIMAPdownloadsthemdirectlytotheclient.
b.POPandIMAPareidenticalprotocolsthatoriginatedfromseperate
vendors.
c.IMAPstoresemailonthestoragefacilityanddownloadscopies,whilePOP
downloadsthemdirectlytotheclient.
d.IMAPisaproprietaryprotocoldevelopedbyMicrosoft,whilePOPisan
openstandarddevelopedbyOSI.

Question26
Correct
1.00pointsoutof
1.00
Flagquestion

Whydomanyorganizationswishtocontrolthepatchesandupdatesthatare
placedontheirsystem,insteadoflettingtheoperatingsystemdownloadand
installupdatesautomatically?
Selectone:
a.Patchesandupdatescostmoney,andmanyITpersonnelchooseto
expendtheirfundsonotheritems.
b.Patchesandupdatesmaysometimesconflictwithothersoftwareonthe
system,andtheirinstallationmaycausesystemstobecomeunstableorfail
completely.
c.Patchesandupdatesarefrequentlypoorlywritten,andareusually
exploitablebyhackersusingzerodayexploits.
d.Patchesandupdatesarenottypicallyreleaseduntilweeks,sometimes
months,afterthediscoveryofadefect,forcingorganizationstorelyupon
antivirusforcontinuedsecurity.

Question27
Incorrect
0.00pointsoutof
1.00
Flagquestion

Itisgenerallyagoodideatouseacentralizedloggingfacilityforanetworkin
ordertoalleviatethemanagementofinformationandallowforquickresponse
andanalysisofpertinentlogdatafor________purposes.
Selectone:
a.Authentication
b.Availability
c.Accounting
d.Authorization

Finishreview
2012TexasA&MEngineeringExtensionService.Allrightsreserved.
Themeusedunderlicense.
Youareloggedinascleorbetesantos(Logout)

AWR138W

https://elearning.teex.com/mod/quiz/review.php?attempt=366422

5/5