You are the security administrator for a private corporation

INFA610 Name ___________________________________________

Multiple Choice – 5 Points Each
1. You are the security administrator for a private corporation. Your network hosts a
wide range of data from freely distributed Web documents to customer contact lists
to financial records to proprietary business process documentation. All data on the
company network is labeled as classified and confidential. However, users don’t
seem to understand that they need to handle certain documents with more care and
control than others. Which of the following will improve this situation?
a.
b.
c.
d.

Enforce a mandatory access control environment.
Use stronger authentication factors.
Create a classification policy.
Define an acceptable use policy.

Answer _______
2. You are the security administrator for a company that is a government contractor.
You have an established classification policy. Your current means of managing
access seems to offer little in the manner of granular controls. Which of the
following control mechanisms is a suitable improvement for this environment?
a.
b.
c.
d.

Least privilege
Need to know
Separation of duties
Job rotation

Answer _________
3. You are the security administrator for your organization. You are evaluating risks
for various assets stored on the network. One asset, a collection of Request for
Comments (RFC) documents that was downloaded from an Internet source, is
threatened by a new Trojan horse program that locates and deletes text documents.
Your system is vulnerable to this Trojan horse since no other detection systems are
deployed on your network, other than a simple antivirus software product. Why can
you ignore this specific risk?
a.
b.
c.
d.

All antivirus software utilities detect and block Trojan horses.
A Trojan horse is effective only if it is executed by an administrative user.
Risks exist only against physical assets.
The impact of the risk is negligible.

Answer ____________
V6

Page 1

INFA610 Name ___________________________________________

4. What specific policy might recommend removing a server from the network and reinstalling all software and data?
a.
b.
c.
d.

A privacy policy
An authentication policy
An incident response policy
A violations reporting policy

Answer __________
5. You are the network administrator for your organization. You’ve been assigned to
document the network. You collect the relevant information and write out detailed
reports for every hardware device, you create a network wiring diagram, and you
even write out complete configuration settings for all of the approved applications. A
few weeks later the company contracts with a consulting company to perform
penetration testing against the network. They look at your network documentation
and say that they cannot use it in their work. What is the possible reason for this
claim?
a.
b.
c.
d.

The documentation does not include any security details.
The documentation is out of date.
The documentation does not include operating systems.
The documentation does not include disaster recovery plans.

Answer ________
6. You work for a company that sells products over the Internet. Every time a sale is
made, a database record of the transaction is transmitted from the demilitarized
zone (DMZ) to the database server in the private network where the database
resides. You use a network-based IDS (NIDS) to monitor the network traffic from
the DMZ to the private network. A Web server that supports your e-commerce
solution is used in the DMZ. A denial of service (DoS) attack is detected by the
NIDS. Which of the following is the least desirable response from the NIDS?
a.
b.
c.
d.

Recording the incident in a report log
Disabling the communication link between the DMZ and the private network
Notifying the network administrator of the issue
Blocking packets with the same source IP address as the original DoS packets

Answer __________

V6

Page 2

INFA610 Name ___________________________________________

7. You are the security administrator for a small company. You have a single server
that is used as your Web server and e-commerce server. It is in your office, separate
and distinct from all other systems. You have two Internet connections: one
dedicated for use by the Web server and the other for shared use by the office
network. You just completed a forensic investigation of an intrusion against the Web
server that caused significant damage to the hosted data files. The intruder gained
administrative-level access and made numerous configuration and setting changes
throughout the system. You even found several sets of hacker tools hidden in various
places in the system. You need to get the Web server back online quickly since you
are losing sales every hour the server remains offline. You format the hard drives,
reinstall the operating system and applications, manually reconfigure the system,
and then restore verified versions of your data files from backup tapes that were
created before the intruder broke in. What additional activity is essential to
completing the restoration process?
a.
b.
c.
d.

Applying any new hot fixes
Patching the exploited vulnerability
Performing a system-wide backup
Reapplying the company security template

Answer ________
8. What type of encryption does PKI use?
a.
b.
c.
d.

Symmetric
Asymmetric
DES
AES

Answer __________
9. The upper layers of the OSI model are, in correct order.
a.
b.
c.
d.

Session, application, presentation
Session, presentation, application
Session, application, presentation, physical
Application, presentation, session, physical

Answer _______

10. Match the following:
A. Application Layer
B. Presentation Layer
V6

Page 3

1. Responsible for co-ordinating communication between systems
2. Responsible for multiplexing upper-layer applications

INFA610 Name ___________________________________________

C. Session Layer
D. Transport Layer
a.
b.
c.
d.

A—>3; B—>4; C—>2; D—>1
A—>2; B—>4; C—>1; D—>4
A—>2; B—>3; C—>4; D—>1
A—>3; B—>4; C—>1; D—>2

Answer _____________

V6

Page 4

3. Responsible for availability of intended communication partner
4. Responsible for negotiating data transfer syntax

INFA610 Name ___________________________________________

11. While reviewing the security logs for your server, you notice that a user on the
Internet has attempted to access your internal mail server. Although it appears that
the user’s attempts were unsuccessful, you are still very concerned about the
possibility that your systems may be compromised. Which of the following solutions
are you most likely to implement?
a.
b.
c.
d.

A firewall system at the connection point to the Internet
A more secure password policy
File-level encryption
Kerberos authentication

Answer _________
12. If Alice and Bob want to send encrypted messages to each other and Alice
communicates first. In most cases what key will Alice use?
a.
b.
c.
d.
e.

Alice’s private key
Alice’s public key
Bob’s private key
Bob’s public key
None of the above

Answer _______

V6

Page 5

Our website has a team of professional writers who can help you write any of your homework. They will write your papers from scratch. We also have a team of editors just to make sure all papers are of HIGH QUALITY & PLAGIARISM FREE. To make an Order you only need to click Ask A Question and we will direct you to our Order Page at WriteDemy. Then fill Our Order Form with all your assignment instructions. Select your deadline and pay for your paper. You will get it few hours before your set deadline.