1. Identify three techniques used in social engineering. (Choose three.)
fishing
vishing
phishing
spamming
pretexting
junk mailing

2. During a pretexting event, how is a target typically contacted?
by e-mail
by phone
in person
through another person

3. While surfing the Internet, a user notices a box claiming a prize has been won. The user opens the box unaware that a program is being installed. An intruder now accesses the computer and retrieves personal information. What type of attack occurred?
worm
virus
Trojan horse
denial of service

4. What is a major characteristic of a Worm?
malicious software that copies itself into other executable programs
tricks users into running the infected software
a set of computer instructions that lies dormant until triggered by a specific event
exploits vulnerabilities with the intent of propagating itself across a network

5. A flood of packets with invalid source-IP addresses requests a connection on the network. The server busily tries to respond, resulting in valid requests being ignored. What type of attack occurred?
Trojan horse
brute force
ping of death
SYN flooding

6. What type of advertising is typically annoying and associated with a specific website that is being visited?
adware
popups
spyware
tracking cookies

7. What is a widely distributed approach to marketing on the Internet that advertises to as many individual users as possible via IM or e-mail?
brute force
spam
spyware
tracking cookies

8. What part of the security policy states what applications and usages are permitted or denied?
identification and authentication
remote access
acceptable use
incident handling

9. Which statement is true regarding anti-virus software?
Only e-mail programs need to be protected.
Only hard drives can be protected.
Only after a virus is known can an anti-virus update be created for it.
Only computers with a direct Internet connection need it.

10. Which two statements are true concerning anti-spam software? (Choose two.)
Anti-spam software can be loaded on either the end-user PC or the ISP server, but not both.
When anti-spam software is loaded, legitimate e-mail may be classified as spam by mistake.
Installing anti-spam software should be a low priority on the network.
Even with anti-spam software installed, users should be careful when opening e-mail attachments.
Virus warning e-mails that are not identified as spam via anti-spam software should be forwarded to other users immediately.

11. What term is used to describe a dedicated hardware device that provides firewall services?
server-based
integrated
personal
appliance-based

12. Which abbreviation refers to an area of the network that is accessible by both internal, or trusted, as well as external, or untrusted, host devices?
SPI
DMZ
ISR
ISP

13. Which statement is true about port forwarding within a Linksys integrated router?
Only external traffic that is destined for specific internal ports is permitted. All other traffic is denied.
Only external traffic that is destined for specific internal ports is denied. All other traffic is permitted.
Only internal traffic that is destined for specific external ports is permitted. All other traffic is denied.
Only internal traffic that is destined for specific external ports is denied. All other traffic is permitted.

14. To which part of the network does the wireless access point part of a Linksys integrated router connect?
DMZ
external
internal
a network other than the wired network

15. What statement is true about security configuration on a Linksys integrated router?
A DMZ is not supported.
The router is an example of a server-based firewall.
The router is an example of an application-based firewall.
Internet access can be denied for specific days and times.

16. What environment would be best suited for a two-firewall network design?
a large corporate environment
a home environment with 10 or fewer hosts
a home environment which requires secure VPN access
a small business environment which is experiencing continuing DDoS attacks

17. What is one function that is provided by a vulnerability analysis tool?
It provides various views of possible attack paths.
It identifies missing security updates on a computer.
It identifies wireless weak points such as rogue access points.
It identifies all network devices on the network that do not have a firewall installed.
It identifies MAC and IP addresses that have not been authenticated on the network.

18. Many best practices exist for wired and wireless network security. The list below has one item that is not a best practice. Identify the recommendation that is not a best practice for wired and wireless security.
Periodically update anti-virus software.
Be aware of normal network traffic patterns.
Periodically update the host operating system.
Activate the firewall on a Linksys integrated router.
Configure login permissions on the integrated router.
Disable the wireless network when a vulnerability analysis is being performed.

19. What best practice relates to wireless access point security?
activation of a popup stopper
a change of the default IP address
an update in the antivirus software definitions
physically securing the cable between the access point and client

20. Refer to the graphic. In the Linksys Security menu, what does the SPI Firewall Protection option Enabled provide?
It prevents packets based on the application that makes the request.
It allows packets based on approved internal MAC or IP addresses.
It requires that packets coming into the router be responses to internal host requests.
It translates an internal address or group of addresses into an outside, public address.