Unit 4 – Network Security Worksheet

Question 1

Most distributed computing systems are, by default, are set to maximize…______. Choose one answer.
a. efficient processing
b. security
c. disk space
d. ease of use and functionality
e. web resources

Question 2

Which of the following security control measures is used to limit the number of applications a user can access to those explicitly defined? Choose one answer.

a. Anti-virus software
b. White out list
c. Host-based firewall
d. Intrusion detection system (IDS)
e. Intrusion prevention system (IPS)

Question 3

Logging involves each of the following except…__________. Choose one answer.

a. Ensuring that data remains secure in storage and in transit.
b. Ensuring administrators can quickly address suspicious activities.
c. Helping security personnel determine how best to recover from potential attacks.
d. Determining which network events and activities to monitor.

Question 4

Which of the following options is not a Linux-based utility for downloading and installing system updates? Choose one answer.

a. up2date
b. yum
c. Windows Update
d. yast
e. apt-get

Question 5

Which of the following Windows utilities is activated when administrative rights are required by a normal user when installing applications? Choose one answer.

a. WSUS
b. SID
c. SAM
d. AES
e. UAC

Question 6

The security vulnerability within virtual environments that allow guest accounts to potentially access system resources is known as _______________. Choose one answer.

a. VM escape
b. hypervising
c. phishing
d. virtualization
e. fingerprinting

Question 7

Each of the following is a benefit of increasing workers’ knowledge level with regard to organization security except…___________. Choose one answer.

a. improving employee behavior
b. reducing security expenses
c. increasing employee accountability
d. reducing the organization’s liability for employee behavior
e. complying with regulations and requirements

Question 8

Which employee security knowledge activity is geared toward teaching users how to practice effective security measures? Choose one answer.

a. Certification
b. Authentication
c. Awareness
d. Training
e. Education

Question 9

Why is executive level security training important to organizations? Choose one answer.

a. Executives must understand the risks to an organization’s operation in order to determine costs, develop security policies and implement awareness training.
b. In order to understand technical requirements.
c. How to build security into the development life cycle.
d. To be informed that online activities will be monitored.
e. To be reminded that security is a team effort.

Question 10

Logical and physical restrictions placed on users in order for them to perform only the tasks required by their jobs is best described by the concept known as…________. Choose one answer.
a. authentication
b. auditing
c. least privilege
d. separation of duties
e. impersonation

Question 11

Which of the following activities is not typically included as a responsibility of most information response (CSIRT) teams? Choose one answer.
a. Detecting incidents
b. Minimizing potential losses
c. Creating security policies
d. Restoring services
e. Identifying and mitigating exploited vulnerabilities

Question 12

Which of the following security incident terms process deals with organizing information in a way that ensures it is directed through a single, and appropriate reporting channel? Choose one answer.
a. Constituency
b. Triage
c. Vulnerability
d. Artifact
e. Mitigation