English exam for non-majors


QUESTION 1: Which access control system allows the system administrator to establish access permissions to network resources?
A. MAC
B. DAC
C. RBAC
D. None of the above.

QUESTION 2: Who is responsible for establishing access permissions to network resources in the MAC access control model?
A. The system administrator.
B. The owner of the resource.
C. The system administrator and the owner of the resource.
D. The user requiring access to the resource.

QUESTION 3: Which of the following access control models uses roles to determine access permissions?
A. MAC
B. DAC
C. RBAC
D. None of the above.

QUESTION 4: Which access control model uses Access Control Lists to identify the users who have permissions to a resource?
A. MAC
B. RBAC
C. DAC
D. None of the above.

QUESTION 5: Which access control model uses predefined access privileges to control access to a resource?
A. MAC
B. RBAC
C. DAC
D. None of the above.

QUESTION 6: What does the DAC access control model use to identify the users who have permissions to a resource?
A. Predefined access privileges.
B. The role or responsibilities users have in the organization.
C. Access Control Lists.
D. None of the above.

QUESTION 7: What does the RBAC access control model use to identify the users who have permissions to a resource?
A. Predefined access privileges.
B. The role or responsibilities users have in the organization.
C. Access Control Lists.
D. None of the above.

QUESTION 8: Which of the following statements regarding access control models is FALSE?
A. The MAC model uses predefined access privileges to a resource to determine a user's access permissions to a resource.
B. The RBAC model uses the role or responsibilities users have in the organization to determine a user's access permissions to a resource.
C. In the DAC model a user's access permissions to a resource is mapped to the user's account.
D. The MAC model uses Access Control Lists (ACLs) to map a user's access permissions to a resource.

QUESTION 9: Which of the following statements regarding the MAC access control models is TRUE?
A. The Mandatory Access Control (MAC) model is a dynamic model.
B. In the Mandatory Access Control (MAC) the owner of a resource establishes access privileges to that resource.
C. In the Mandatory Access Control (MAC) users cannot share resources dynamically.
D. The Mandatory Access Control (MAC) model is not restrictive.

QUESTION 10: Choose the mechanism that is NOT a valid access control mechanism.
A. DAC (Discretionary Access Control) list.
B. SAC (Subjective Access Control) list.
C. MAC (Mandatory Access Control) list.
D. RBAC (Role Based Access Control) list.

QUESTION 11: The DAC (Discretionary Access Control) model has an inherent flaw. Choose the option that describes this flaw.
A. The DAC (Discretionary Access Control) model uses only the identity of the user or specific process to control access to a resource. This creates a security loophole for Trojan horse attacks.
B. The DAC (Discretionary Access Control) model uses certificates to control access to resources. This creates an opportunity for attackers to use your certificates.
C. The DAC (Discretionary Access Control) model does not use the identity of a user to control access to resources. This allows anyone to use an account to access resources.
D. The DAC (Discretionary Access Control) model does not have any known security flaws.

QUESTION 12: Which of the following sequences is correct regarding the flow of the CHAP system?
A. Logon request, encrypts value response, server, challenge, compare encrypts results, authorize or fail
B. Logon request, challenge, encrypts value response, server, compare encrypted results, authorize or fail
C. Logon request, challenge, server, encrypts value response, compare encrypted results, authorize or fail
D. Logon request, server, encrypts value response, challenge, compare encrypted results, authorize or fail

QUESTION 13: Which authentication method does the following sequence refer to: Logon request, encrypts value response, server, challenge, compare encrypts results, authorize or fail?
A. Certificates
B. Security Tokens
C. CHAP
D. Kerberos

QUESTION 14: Which of the following statements is TRUE regarding the CHAP authentication system?
A. A certificate being handed from the server to the client once authentication has been established. If you have a pass, you can wander throughout the network. BUT limited access is allowed.
B. If your token does not grant you access to certain information, that information will either not be displayed or your access will be denied. The authentication system creates a token every time a user or a session begins. At the completion of a session, the token is destroyed.
C. The authentication process uses a Key Distribution Center (KDC) to orchestrate the entire process. The KDC authenticates the network. Principals can be users, programs, or systems. The KDC provides a ticket to the network. Once this ticket is issued, it can be used to authenticate against other principals. This occurs automatically when a request or service is performed by another network.
D. The initiator sends a logon request from the client to the server. The server sends a challenge back to the client. The challenge is encrypted and then sent back to the server. The server compares the value from the client and if the information matches, the server grants authorization. If the response fails, the session fails and the request phase starts over.

QUESTION 15: Which of the following statements is TRUE regarding the Security Token system?
A. If your token does not grant you access to certain information, that information will either not be displayed or your access will be denied. The authentication system creates a token every time a user or a session begins. At the completion of a session, the token is destroyed.
B. A certificate being handed from the server to the client once authentication has been established. If you have a pass, you can wander throughout the network. BUT limited access is allowed.
C. The authentication process uses a Key Distribution Center (KDC) to orchestrate the entire process. The KDC authenticates the network. Principals can be users, programs, or systems. The KDC provides a ticket to the network. Once this ticket is issued, it can be used to authenticate against other principals. This occurs automatically when a request or service is performed by another network.
D. The initiator sends a logon request from the client to the server. The server sends a challenge back to the client. The challenge is encrypted and then sent back to the server. The server compares the value from the client and if the information matches, the server grants authorization. If the response fails, the session fails and the request phase starts over.

QUESTION 16: Which of the following statements is TRUE regarding the Kerberos system?
A. If your token does not grant you access to certain information, that information will either not be displayed or your access will be denied. The authentication system creates a token every time a user or a session begins. At the completion of a session, the token is destroyed.
B. The authentication process uses a Key Distribution Center (KDC) to orchestrate the entire process. The KDC authenticates the network. Principals can be users, programs, or systems. The KDC provides a ticket to the network. Once this ticket is issued, it can be used to authenticate against other principals. This occurs automatically when a request or service is performed by another network.
C. The initiator sends a logon request from the client to the server. The server sends a challenge back to the client. The challenge is encrypted and then sent back to the server. The server compares the value from the client and if the information matches, the server grants authorization. If the response fails, the session fails and the request phase starts over.
D. A certificate being handed from the server to the client once authentication has been established. If you have a pass, you can wander throughout the network. BUT limited access is allowed.

QUESTION 17: Which of the following authentication systems makes use of the KDC (Key Distribution Center)?
A. Certificates
B. Security Tokens
C. CHAP.
D. Kerberos.

QUESTION 18: Which of the following methods of authentication makes use of hand scanners, fingerprints, retinal scanners or DNA structure to identify the user?
A. Smart Cards
B. Multi-Factor
C. Kerberos
D. Biometrics

QUESTION 19: Which of the following authentication methods increases the security of the authentication process because it must be in your physical possession?
A. Smart Cards.
B. Kerberos.
C. CHAP.
D. Certificate.

QUESTION 20: Which of the following is the MOST secure form of authentication?
A. Kerberos
B. Biometrics
C. Smart Cards
D. Username/password

QUESTION 21: Which of the following is the LEAST secure form of authentication?
A. Kerberos
B. Biometrics
C. Smart Cards
D. Username/password

QUESTION 22: Which of the following uses unencrypted username and passwords?
A. PAP
B. CHAP
C. RADIUS
D. MS-CHAP

QUESTION 23: Which of the following statements regarding authentication protocols is FALSE?
A. PAP is insecure because usernames and passwords are sent over the network in clear text.
B. CHAP is more secure than PAP because it encrypts usernames and passwords before they are sent over the network.
C. RADIUS is a client/server-based system that provides authentication, authorization, and accounting services for remote dial-up access.
D. MS-CHAP version 1 is capable of mutual authentication of both the client and the server.

QUESTION 24: Which of the following is a solution that you can implement to protect against an intercepted password?
A. Implement a VPN (Virtual Private Network).
B. Implement PPTP (Point-to-Point Tunneling Protocol).
C. Implement a one time password.
D. Implement complex password requirements.

QUESTION 25: Choose the important consideration to bear in mind on the Kerberos authentication system.
A. Kerberos authentication is at risk to man in the middle attacks.
B. Kerberos authentication tickets can be spoofed by hackers using replay attacks.
C. Kerberos authentication requires a centralized managed database of all user account and resource passwords.
D. Kerberos authentication uses clear text passwords.

QUESTION 26: You work as the security administrator at Certkiller.com. You must implement an authentication protocol that uses only encrypted passwords during the authentication process. Choose the authentication protocol that accomplishes this.
A. PPTP (Point-to-Point Tunneling Protocol)
B. SMTP (Simple Mail Transfer Protocol)
C. Kerberos
D. CHAP (Challenge Handshake Authentication Protocol)

QUESTION 27: The CHAP (Challenge Handshake Authentication Protocol) sends a logon request from the client to the server, and the server sends a challenge back to the client. At which stage does the CHAP protocol perform the handshake process? Choose the best complete answer.
A. At the stage when the connection is established and at whichever time after the connection has been established.
B. At the stage when the connection is established and when the connection is disconnected.
C. At the stage when the connection is established.
D. At the stage when the connection is disconnected.

QUESTION 28: From the recommendations below, which is considered the best method for securing a web browser?
A. Do not upgrade web browsers because new versions have a tendency to contain more security flaws.
B. Disable all unused features of the web browser.
C. Only use a VPN (Virtual Private Network) connection to connect to the Internet.
D. Deploy a filtering policy for unknown and illegal websites that you do not want users to access.

QUESTION 29: Choose the figure which represents the number of ports in the TCP/IP (Transmission Control Protocol/Internet Protocol) which are vulnerable to being scanned, attacked, and exploited.
A. 32 ports
B. 1,024 ports
C. 65,535 ports
D. 16,777,216 ports

QUESTION 30: Which of the following access attacks would involve listening in on someone's network?
A. Eavesdropping
B. Snooping
C. Interception
D. None of the above

QUESTION 31: Which of the following access attacks would involve putting a computer system between the sender and receiver to capture information?
A. Snooping
B. Eavesdropping
C. Interception
D. None of the above

QUESTION 32: Which one of the options below is correct regarding the DoS (Denial of Service) attack?
A. Preventing access to resources by users authorized to use those resources.
B. Use of multiple computers to attack a single organization.
C. Placing a computer system between the sender and receiver to capture information.
D. Listening or overhearing parts of a conversation.

QUESTION 33: Which one of the options below is correct regarding the DDoS (Distributed Denial of Service) attack?
A. Listening or overhearing parts of a conversation.
B. Placing a computer system between the sender and receiver to capture information.
C. Use of multiple computers to attack a single organization.
D. Preventing access to resources by users authorized to use those resources.

QUESTION 34: Which of the following attacks would involve bringing down an e-commerce website to prevent or deny usage by legitimate customers?
A. DoS
B. Inception
C. DDoS
D. Eavesdropping

QUESTION 35: Which of the following attacks would involve multiple computers attacking a single organization?
A. Inception
B. Eavesdropping
C. DoS
D. DDoS

QUESTION 36: Which of the following common attacks would involve writing a fake logon program?
A. Back Door Attacks
B. Spoofing
C. Man In The Middle
D. Replay Attack

QUESTION 37: Which of the following common attacks would allow them to examine operations inside the code while the code is running?
A. Replay Attack
B. Man In The Middle
C. Spoofing
D. Back Door Attacks

QUESTION 38: Which of the following common attacks places a piece of software between a server and the user?
A. Spoofing
B. Back Door Attacks
C. Man In The Middle
D. Replay Attack

QUESTION 39: In which of the following common attacks would the attacker capture the user's login information and replay it again later?
A. Back Door Attacks
B. Replay Attack
C. Spoofing
D. Man In The Middle

QUESTION 40: [...]

...
D. This virus modifies and alters other programs and databases. The virus infects all of these files. The only way to remove this virus is to reinstall the programs that are infected. If you miss even a single incident of this virus on the victim system, the process will start again and infect the system.

QUESTION 67: Which of the following definitions can be correctly fitted to the Companion Virus?
A. This...
... program
D. This virus modifies and alters other programs and databases. The virus infects all of these files. The only way to remove this virus is to reinstall the programs that are infected. If you miss even a single incident of this virus on the victim system, the process will start again and infect the system.

QUESTION 68: Which of the following definitions can be correctly fitted to the Phage Virus?
A. This...

... correctly fitted to the Macro Virus?
A. These programs in the document are called macros. A macro can tell your word processor to spellcheck your document automatically when it opens viruses can infect all of the documents on your system and spread to other systems using mail or other methods. Macro viruses are the fastest growing exploitation today.
B. This virus is designed to make itself difficult to detect...

... avoid detection. When the virus does this, it is referred to as mutation.
B. It attaches itself to another file, such as a word processing document. It may also arrive as part of an e-mail for a free game, software, or other file. When activated and performs its task, it infects all of the word processing or template files. Consequently, every new file will carry the virus.
C. This virus will attempt to avoid...
... while the actual code hides in other areas in the program.
C. This virus attaches itself to legitimate programs and then creates a program with a different file extension. This file may reside in the temporary directory of your system. When the user types the name of the legitimate program, the companion virus executes instead of the real program. This effectively hides the virus from the user. Many of the...

... avoid detection. When the virus does this, it is referred to as mutation.
B. It attaches itself to another file, such as a word processing document. It may also arrive as part of an e-mail for a free game, software, or other file. When activated and performs its task, it infects all of the word processing or template files. Consequently, every new file will carry the virus.
C. This virus will attempt to avoid...
... while the actual code hides in other areas in the program.
C. This virus attaches itself to legitimate programs and then creates a program with a different file extension. This file may reside in the temporary directory of your system. When the user types the name of the legitimate program, the companion virus executes instead of the real program. This effectively hides the virus from the user. Many of the...
... infected program. The infected program may perform its dirty deed and then start the real program.
D. This virus modifies and alters other programs and databases. The virus infects all of these files. The only way to remove this virus is to reinstall the programs that are infected. If you miss even a single incident of this virus on the victim system, the process will start again and infect the system.

QUESTION...
... potentially destroy the virus definition file of your antivirus software. Destroying this information without your knowledge would leave you with a false sense of security.

QUESTION 66: Which of the following definitions can be correctly fitted to the Multipartite Virus?
A. This virus attacks your system in multiple ways. This virus may attempt to infect your boot sector, infect all of your executable files,...
... while the actual code hides in other areas in the program.
C. This virus attaches itself to legitimate programs and then creates a program with a different file extension. This file may reside in the temporary directory of your system. When the user types the name of the legitimate program, the companion virus executes instead of the real program. This effectively hides the virus from the user. Many of the...

Date posted: 12/07/2014, 23:20
