Test Yourself on Security+
1. You are a security administrator for an enterprise network. Your input is needed for a new identification and authentication system. Choose the most secure item.
a. Biometrics based on thumbprint scans
b. Biometrics based on voiceprints, plus a hardware-based token system
c. Kerberov5 based authentication
d. Standard account/password authentication, using strong passwords
2. Given the following symptoms, select the type of network attack that’s most likely to be responsible for generating those symptoms: An analysis of inbound network traffic shows that several hundred systems on the Internet are issuing rapid sequences of ICMP echo requests.
3. Which of the following items explain why it can be unsafe to run signed code, or signed active content, on your network hosts without performing further code checks?
a. Malicious users can seek to obtain legitimate certificates to sign harmful code. (VeriSign documented illicit use of certificates attributed to Microsoft in 2000.)
b. Scripts invoke signed code that comes pre-installed and signed with the operating system, yet still contain malicious elements.
c. A valid code signature only indicates that the code originates from an identifiable source, not that the code is guaranteed to be safe.
d. All of the above.
4. On a demilitarized zone (DMZ) network segment where Windows management console traffic and file sharing is to be allowed from internal systems, which TCP ports must be left open in the routers, firewalls or other screening devices between the DMZ and the internal networks? (Choose all correct answers.)
g. All of the above
h. None of the above
5. In setting up an intrusion detection system (IDS), you decide to scan traffic for irregular header lengths to block buffer overflows, and to inspect specific information in IP and TCP packet headers. Which of the following IDS methodologies is able to perform these tasks? (Choose the best single answer.)
a. Anomaly analysis
b. Heuristic analysis
c. Pattern matching