Scribd Logo
Upload

Welcome to Scribd!

  • 39 views

    Reviewer FCNS - Wa 30Q

    Uploaded by

    Amv Nightcore Syifaditya
    This document contains a review exam for a networking security certification. It includes 23 multiple choice questions covering topics like removing unnecessary services to increase security, DDoS attacks, spoofing, wireless security protocols like WEP, firewall configuration, VPN security, and server hardening best practices. The questions are designed to test knowledge of key networking and security concepts.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd

    Reviewer FCNS - Wa 30Q

    Uploaded by

    Amv Nightcore Syifaditya
    39 views5 pages
    This document contains a review exam for a networking security certification. It includes 23 multiple choice questions covering topics like removing unnecessary services to increase security, DDoS attacks, spoofing, wireless security protocols like WEP, firewall configuration, VPN security, and server hardening best practices. The questions are designed to test knowledge of key networking and security concepts.

    Original Description:

    Original Title

    REVIEWER FCNS - WA 30Q

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    This document contains a review exam for a networking security certification. It includes 23 multiple choice questions covering topics like removing unnecessary services to increase security, DDoS attacks, spoofing, wireless security protocols like WEP, firewall configuration, VPN security, and server hardening best practices. The questions are designed to test knowledge of key networking and security concepts.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Download as pdf or txt
    39 views5 pages

    Reviewer FCNS - Wa 30Q

    Uploaded by

    Amv Nightcore Syifaditya
    This document contains a review exam for a networking security certification. It includes 23 multiple choice questions covering topics like removing unnecessary services to increase security, DDoS attacks, spoofing, wireless security protocols like WEP, firewall configuration, VPN security, and server hardening best practices. The questions are designed to test knowledge of key networking and security concepts.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Download as pdf or txt
    of 5

    REVIEWER

    FORESEC CERTIFIED NETWORKING SECURITY

    1. Which of the following are a benefit of removing unused or unneeded services and protocols?
    A. More machine resource availability
    B. More network throughput
    C. Less need for administration
    D. More Security

    2. Which is the most important reason for the removal of unused, unnecessary, or unneeded
    protocols, services, and applications?
    A. Increased security
    B. Increased performance
    C. Less need for administration
    D. Less machine resource use.

    3. The component of a DDoS attack that sends commands to DDoS zombie agents is known as
    a _____.
    A. System Commander
    B. Console
    C. Master
    D. Rootkit

    4. The act of attempting to appear to be someone you're not in order to gain access to a system
    is known as which of the following?
    A. Spoofing
    B. DDoS
    C. Replay
    D. Sniffing

    5. Which of the following is most likely to make systems vulnerable to MITM attacks?
    A. Weak passwords
    B. Weak TCP sequence numbers
    C. Authentication misconfiguration on routers
    D. Use of the wrong operating systems

    6. Which of the following is the best way to protect your organization from revealing sensitive
    information through dumpster diving?
    A. Establish a policy requiring employees to change passwords every 30 to 60 days.
    B. Teach employees the value of not disclosing restricted information over the
    telephone to unknown parties.
    C. Add a new firewall to the network.
    D. Shred all sensitive documentation.

    7. The use of VPNs and __________________ have enabled users to be able to telecommute.
    A. PGP
    B. S/MIME
    C. Wireless NICs
    D. RASs

    Consultancy | training | certification


    8. PDAs, cell phones, and certain network cards have the ability to use _____________ networks.
    Choose the BEST answer.
    A. Wired
    B. Private
    C. Wireless
    D. Antique

    9. There are three recognized levels of hacking ability in the Internet community. The first is the
    skilled hacker, who writes the programs and scripts that script kiddies use for their attacks.
    Next comes the script kiddie, who knows how to run the scripts written by the skilled hackers.
    After the script kiddies come the _______________, who lack the basic knowledge of
    networks and security to launch an attack themselves.
    A. Web kiddies
    B. Clickers
    C. Click kiddies
    D. Dunce kiddies

    10. Your supervisor has charged you with determining which 802.11 authentication method to use
    when deploying the new wireless network. Given your knowledge of the 802.11 specification,
    which of the following is the most secure 802.11 authentication method?
    A. Shared-key
    B. EAP-TLS
    C. EAP-MD5
    D. Open

    11. What are the two WEP key sizes available in 802.11 networks?
    A. 40-bit and 104-bit
    B. 24-bit and 64-bit
    C. 64-bit and 128-bit
    D. 24-bit and 104-bit

    12. Which of the following is a weakness in WEP related to the IV?


    A. The IV is a static value, which makes it relatively easy for an attacker to brute force
    the WEP key from captured traffic.
    B. The IV is transmitted in plaintext and can be easily seen in captured traffic.
    C. The IV is only 24 bits in size, which makes it possible that two or more data
    frames will be transmitted with the same IV, thereby resulting in an IV collision
    that an attacker can use to determine information about the network.
    D. There is no weakness in WEP related to the IV.

    13. You are creating a DMZ for a company and need to allow external users to access Web
    servers in the DMZ using HTTP/S as well as allow internal users to access the same Web
    servers using standard HTTP. What is the best way to configure the external and internal
    firewalls to meet these requirements?
    A. Open port 80 on the external firewall and port 443 on the internal firewall.
    B. Open port 443 on the external firewall and port 80 on the internal firewall.
    C. Open port 80 on the external firewall and port 110 on the internal firewall.
    D. Open port 110 on the external firewall and port 80 on the internal firewall.

    Consultancy | training | certification


    14. When you use Java, the JVM isolates the Java applet to a sandbox when it executes. What
    does this do to provide additional security?
    A. This prevents the Java applet from accessing data on the client's hard drive.
    B. This prevents the Java applet from communicating to servers other than the
    one from which it was downloaded.
    C. This prevents the Java applet from failing in such a way that the Java applet is unable
    to execute.
    D. This prevents the Java applet from failing in such a way that it affects another
    application.

    15. You are setting up a test plan for verifying that new code being placed on a Web server is
    secure and does not cause any problems with the production Web server. What is the best
    way to test the code prior to deploying it to the production Web server?
    A. Test all new code on a development PC prior to transferring it to the production Web
    server.
    B. Test all new code on an active internal Web server prior to transferring it to the
    production Web server.
    C. Test all new code on a duplicate Web server prior to transferring it to the production
    Web server.
    D. Test all new code on another user's PC prior to transferring it to the production Web
    server.

    16. To allow its employees remote access to the corporate network, a company has implemented
    a hardware VPN solution. Why is this considered a secure remote access solution?
    A. Because only the company's employees will know the address to connect to in order
    to use the VPN.
    B. Because VPNs use the Internet to transfer data.
    C. Because a VPN uses compression to make its data secure.
    D. Because a VPN uses encryption to make its data secure.

    17. The network team at your company has placed a sniffer on the network to analyze an ongoing
    network-related problem. The team connects to the sniffer using Telnet to view the data going
    across the network. What would you recommend to increase the security of this connection
    without making it significantly more difficult for the network team members to do their jobs?
    A. Require the network team to remove the sniffer immediately.
    B. Require the network team to view the data from the local console of the sniffer.
    C. Encrypt the connection to the sniffer using PAP.
    D. Use SSH to make the connection to the sniffer rather than Telnet.

    18. Some new servers are being installed on your company's network and you have been asked
    to work with the installer to ensure that they are as secure as possible from hack attempts.
    What is the most important step you should take to ensure that the servers' OSs is secure?
    A. Make sure that the installer is certified.
    B. Make sure that the latest OS service pack is installed.
    C. Make sure that the latest OS service pack and all security patches are installed.
    D. Make sure that the servers have locks on the hot-swap drive chassis.

    Consultancy | training | certification


    19. What types of computers might you expect to find located on an intranet?
    A. Publicly accessible DNS servers and Public Web servers
    B. Public Web servers and SQL 2000 servers
    C. SQL 2000 servers and User workstations
    D. User workstations and Publicly accessible DNS servers

    20. Which of the following protocols can be used to secure a VPN connection?
    A. TCP/IP
    B. DNS
    C. MPPE
    D. Apple Talk

    21. Sally has come to you for advice and guidance. She is trying to configure a network device to
    block attempts to connect on certain ports, but when she finishes the configuration, it works
    for a period of time but then changes back to the original configuration. She cannot
    understand why the settings continue to change back. When you examine the configuration,
    you find that the __________ are incorrect, and are allowing Bob to change the configuration,
    although he is not supposed to operate or configure this device. Since he did not know about
    Sally, he kept changing the configuration back.
    A. MAC settings
    B. DAC settings
    C. ACL settings
    D. Permissions

    22. Josh has asked for a clarification of what a firmware update is. How could you briefly describe
    for him the purpose of firmware updates?
    A. Firmware updates are control software- or BIOS-type updates that are installed
    to improve the functionality or extend the life of the device involved.
    B. Firmware updates are device-specific command sets that must be upgraded to
    continue operation.
    C. Firmware updates update the mechanical function of the device.
    D. Firmware updates are minor fixes, and are not usually necessary.

    23. Your FTP server was just compromised. When you examine the settings, you find that the
    server allows Anonymous access. However, you know that this is a default condition in most
    FTP servers, and must dig further for the problem. Where else might you check?
    A. Access permissions on server's file structure
    B. ACL settings for server access
    C. Effective permissions for the anonymous access
    D. All of the above

    24. You have downloaded a CD ISO image and want to verify its integrity. What should you do?
    A. Compare the file sizes.
    B. Burn the image and see if it works.
    C. Create an MD5 sum and compare it to the MD5 sum listed where the image was
    downloaded.
    D. Create an MD4 sum and compare it to the MD4 sum listed where the image was
    downloaded.

    Consultancy | training | certification


    25. If you wanted to encrypt a single file for your own personal use, what type of cryptography
    would you use?
    A. A proprietary algorithm
    B. A digital signature
    C. A symmetric algorithm
    D. An asymmetric algorithm

    26. Which of the following algorithms are available for commercial use without a licensing fee?
    A. RSA, DES, and IDEA
    B. DES, IDEA, and AES
    C. IDEA, AES, and RSA
    D. RSA, DES, and AES

    27. The PKI identification process is based upon the use of unique identifiers, known as _____.
    A. Licences
    B. Fingerprints
    C. Keys
    D. Locks

    28. Public Key Cryptography is a system that uses a mix of symmetric and ___________
    algorithms for the encryption of a secret key.
    A. Public
    B. Asymmetric
    C. Private
    D. Certificate

    29. Your certificate and keys are about to expire. As long as the certificate is in good standing,
    you can use your existing key to sign your request to _______ your keys.
    A. Revoke
    B. Renew
    C. Reinitialize
    D. Redistribute

    30. When a company uses ____________, it is keeping copies of the private key in two separate
    secured locations where only authorized persons are allowed to access them.
    A. Key escrow
    B. Key destruction
    C. Key generation
    D. Key rings

    Consultancy | training | certification

    You might also like