Unit 4 – Network Security Worksheet
Question 1
Most distributed computing systems are, by default, are set to maximize…______. Choose one answer.
a. efficient processing
b. security
c. disk space
d. ease of use and functionality
e. web resources
Question 2
Which of the following security control measures is used to limit the number of applications a user can access to those explicitly defined? Choose one answer.
a. Anti-virus software
b. White out list
c. Host-based firewall
d. Intrusion detection system (IDS)
e. Intrusion prevention system (IPS)
Question 3
Logging involves each of the following except…__________. Choose one answer.
a. Ensuring that data remains secure in storage and in transit.
b. Ensuring administrators can quickly address suspicious activities.
c. Helping security personnel determine how best to recover from potential attacks.
d. Determining which network events and activities to monitor.
Question 4
Which of the following options is not a Linux-based utility for downloading and installing system updates? Choose one answer.
a. up2date
b. yum
c. Windows Update
d. yast
e. apt-get
Question 5
Which of the following Windows utilities is activated when administrative rights are required by a normal user when installing applications? Choose one answer.
a. WSUS
b. SID
c. SAM
d. AES
e. UAC
Question 6
The security vulnerability within virtual environments that allow guest accounts to potentially access system resources is known as _______________. Choose one answer.
a. VM escape
b. hypervising
c. phishing
d. virtualization
e. fingerprinting
Question 7
Each of the following is a benefit of increasing workers’ knowledge level with regard to organization security except…___________. Choose one answer.
a. improving employee behavior
b. reducing security expenses
c. increasing employee accountability
d. reducing the organization’s liability for employee behavior
e. complying with regulations and requirements
Question 8
Which employee security knowledge activity is geared toward teaching users how to practice effective security measures? Choose one answer.
a. Certification
b. Authentication
c. Awareness
d. Training
e. Education
Question 9
Why is executive level security training important to organizations? Choose one answer.
a. Executives must understand the risks to an organization’s operation in order to determine costs, develop security policies and implement awareness training.
b. In order to understand technical requirements.
c. How to build security into the development life cycle.
d. To be informed that online activities will be monitored.
e. To be reminded that security is a team effort.
Question 10
Logical and physical restrictions placed on users in order for them to perform only the tasks required by their jobs is best described by the concept known as…________. Choose one answer.
a. authentication
b. auditing
c. least privilege
d. separation of duties
e. impersonation
Question 11
Which of the following activities is not typically included as a responsibility of most information response (CSIRT) teams? Choose one answer.
a. Detecting incidents
b. Minimizing potential losses
c. Creating security policies
d. Restoring services
e. Identifying and mitigating exploited vulnerabilities
Question 12
Which of the following security incident terms process deals with organizing information in a way that ensures it is directed through a single, and appropriate reporting channel? Choose one answer.
a. Constituency
b. Triage
c. Vulnerability
d. Artifact
e. Mitigation