CIST2611 Final Review (Jeo.)


Last updated 8:23 AM on 5/6/26

50 Terms

1

Confidence in your expectation that others will act in your best interest is also known as ________.

trust

2

Reducing customer web portal downtime from 5 minutes per year to 30 seconds per year is improving what security objective?

Availability

3

Antivirus, anti-spyware, and vulnerability software patch management protect ________.

workstation domain

4

This type of email can be annoying or contain a link that, if clicked, uploads malicious software to the user’s computer.

Spam

5

Ransomware often requires payment of what type to remove the encryption?

Cryptocurrency

6

Website code modified to address possible arbitrary code execution will prevent what type of attack?

Buffer overflow

7

________ concentrates communications signals, accepts only basic commands, and provides statistics such as throughput measures and uptime percentages.

Active hub

8

This network device differentiates network traffic using Layer 2 of the OSI model. What is it?

Switch

9

“00-14-22-01-23-45” format and length identifies this type of address.

MAC address

10

A network incorporating protections for programming flaws, default settings, maximum values, processing capabilities, and memory capacities on devices, as well as malicious code and social engineering, has this type of protection.

Defense-in-depth

11

IT should use this figure for expansion if the organization is planning rapid growth over the next two years

50%

12

A network engineer should make this protocol recommendation for the organization that is only three years old

Upgrade to IPv6

13

A firewall inspects _______ to decide if traffic complies with administrator-defined rules.

packet headers

14

What is the common firewall philosophy?

Deny-by-default

15

_______ gateway focuses traffic to a single concentrated pathway to streamline the process of filtering.

Network checkpoint

16

_______ holds the communication channel open when a TCP handshake does not conclude.

Denial of Service (DoS) attack

17

Staff members who are lax about how well they protect details that might be used to reveal sensitive details about customers are revealing __________.

Personally Identifiable Information (PII)

18

A San Francisco company that was hacked, with the PII of millions of individuals accessed, is regulated by the __________.

California Consumer Privacy Act (CCPA)

19

Using a nonstandard operating system for workstations such as FreeBSD is an example of _________.

security through obscurity

20

Sending highly sensitive information by email in a way that won't arouse the suspicion of malicious parties can be done using __________.

hiding messages in the company’s logo within the email (steganography)

21

A user given access only to resources necessary for their job is known as the __________.

principle of least privilege

22

All firewalls, no matter the type, have what in common?

Rules

23

Philosophy that assumes all network traffic is safe and, as malicious traffic is identified, it is added to a list of exceptions is __________.

allow by default/deny by exception

24

A firewall that allows access to secure websites and common website protocols but blocks access to insecure Internet websites should employ ________.

allow access to HTTPS, SQL, and Java, but deny access to HTTP

25

A _________ provides encryption over public networks, doesn’t rely upon pathways the company owns, is reliable, is not subject to eavesdropping, and is also cost-effective.

VPN

26

A remote employee who has access only to dial-up connectivity must use a(n) ________.

Remote Access Server (RAS)

27

The remote client can have either a dedicated or a nondedicated connection to the Internet. (TRUE/FALSE)

TRUE

28

A solution that addresses failover specifically is concerned with what network feature?

Redundancy

29

_______ can assist in narrowing down technical solutions to make an informed choice.

Resellers

30

What risky VPN solution allows simultaneous connections to secured and unsecured destinations?

Split tunneling

31

What virtual private network (VPN) solution typically accepts a wider variety of client operating system types?

Cloud-based VPNs

32

Data Link resides in what layer of the OSI?

Layer 2

33

A VPN that runs on UNIX is a(n) _______.

OS-based VPN

34

Streaming video across a computer network results in performance issues due to what?

Traffic spike

35

A VPN connecting to remote servers using their IP addresses instead of their NAT addresses is a(n) _______.

Operating System (OS)

36

What VPN solution is easy to set up, manage, and maintain and represents the majority of VPN platforms on the market?

Customer Premise Equipment (CPE) VPN

37

A VPN appliance to assist employees in performing their tasks remotely is known by what connection type?

Host-to-gateway

38

A public IP address proxy is deployed as part of layered security. (TRUE/FALSE)

FALSE

39

When fragmentation of packets can be exploited in overlapping attacks, what solution is a reliable defense?

Dynamic filtering system that performs virtual reassembly

40

Hacker tunneling can use what alternate technique?

Install a server component on an external system and then use an internal client to make the connection

41

Convincing hackers that it would be too difficult and complex for them to mount a successful assault or that such an attack would be too easily detected is a ________.

deterrence

42

What is a limitation of Internet Protocol Security (IPSec)?

Data is not encrypted on client computers.

43

When network performance exceeds ______, it is time to act.

benchmark

44

Security policy development includes understanding assets, likelihoods, threats, and ________.

vulnerabilities

45

________ performs deep-content inspection within a scope defined by a central management console.

Data Leakage Prevention (DLP)

46

When a major online retailer was recently hacked, and the secure banking data and other personal information of tens of thousands of users were stolen, the likely culprit is a(n) ______.

organized crime group

47

What evolving technology is making it easier to defeat encryption?

Faster computers with more memory

48

_________ is the most popular performance metrics methodology for network security and operations.

Information Technology Infrastructure Library (ITIL)

49

If a user on a cloud-based service loses connectivity and the local internet connection works, _______ is the likely cause.

cloud service

50

_______ is the most effective method to promote network security.

Annual end-user security awareness training