
English exam for non-majors (doc)

QUESTION 1:

Which access control system allows the system administrator to establish access permissions to network resources?

Who is responsible for establishing access permissions to network resources in the MAC access control model?

A The system administrator

B The owner of the resource

C The system administrator and the owner of the resource

D The user requiring access to the resource


A Predefined access privileges.

B The role or responsibilities users have in the organization

C Access Control Lists

D None of the above

QUESTION 7:

What does the RBAC access control model use to identify the users who have permissions to a resource?

A Predefined access privileges

B The role or responsibilities users have in the organization

C Access Control Lists

D None of the above

QUESTION 8:

Which of the following statements regarding access control models is FALSE?

A The MAC model uses predefined access privileges to a resource to determine a user's access permissions to a resource

B The RBAC model uses the role or responsibilities users have in the organization to determine a user's access permissions to a resource

C In the DAC model a user's access permissions to a resource is mapped to the user's


A The Mandatory Access Control (MAC) model is a dynamic model.

B In the Mandatory Access Control (MAC) the owner of a resource establishes access privileges to that resource

C In the Mandatory Access Control (MAC) users cannot share resources dynamically

D The Mandatory Access Control (MAC) model is not restrictive

QUESTION 10:

Choose the mechanism that is NOT a valid access control mechanism

A DAC (Discretionary Access Control) list

B SAC (Subjective Access Control) list

C MAC (Mandatory Access Control) list

D RBAC (Role Based Access Control) list

QUESTION 11:

The DAC (Discretionary Access Control) model has an inherent flaw. Choose the option that describes this flaw.

A The DAC (Discretionary Access Control) model uses only the identity of the user or specific process to control access to a resource. This creates a security loophole for Trojan horse attacks.

B The DAC (Discretionary Access Control) model uses certificates to control access to resources. This creates an opportunity for attackers to use your certificates.

C The DAC (Discretionary Access Control) model does not use the identity of a user to control access to resources. This allows anyone to use an account to access resources.

D The DAC (Discretionary Access Control) model does not have any known security flaws

QUESTION 12:

Which of the following sequences is correct regarding the flow of the CHAP system?

A Logon request, encrypts value response, server, challenge, compare encrypts results, authorize or fail

B Logon request, challenge, encrypts value response, server, compare encrypted results, authorize or fail

C Logon request, challenge, server, encrypts value response, compare encrypted results, authorize or fail

D Logon request, server, encrypts value response, challenge, compare encrypted results, authorize or fail

B If your token does not grant you access to certain information, that information will either not be displayed or your access will be denied. The authentication system creates a token every time a user or a session begins. At the completion of a session, the token is destroyed.

C The authentication process uses a Key Distribution Center (KDC) to orchestrate the entire process. The KDC authenticates the network. Principals can be users, programs, or systems. The KDC provides a ticket to the network. Once this ticket is issued, it can be used to authenticate against other principals. This occurs automatically when a request or service is performed by another network.

D The initiator sends a logon request from the client to the server. The server sends a challenge back to the client. The challenge is encrypted and then sent back to the server. The server compares the value from the client and if the information matches, the server grants authorization. If the response fails, the session fails and the request phase starts over.

QUESTION 15:

Which of the following statements is TRUE regarding the Security Token system?

A If your token does not grant you access to certain information, that information will either not be displayed or your access will be denied. The authentication system creates a token every time a user or a session begins. At the completion of a session, the token is destroyed.

B A certificate being handed from the server to the client once authentication has been established. If you have a pass, you can wander throughout the network BUT limited access is allowed.

C The authentication process uses a Key Distribution Center (KDC) to orchestrate the entire process. The KDC authenticates the network. Principals can be users, programs, or systems. The KDC provides a ticket to the network. Once this ticket is issued, it can be used to authenticate against other principals. This occurs automatically when a request or service is performed by another network.

D The initiator sends a logon request from the client to the server. The server sends a challenge back to the client. The challenge is encrypted and then sent back to the server. The server compares the value from the client and if the information matches, the server grants authorization. If the response fails, the session fails and the request phase starts over.

QUESTION 16:

Which of the following statements is TRUE regarding the Kerberos system?

A If your token does not grant you access to certain information, that information will either not be displayed or your access will be denied. The authentication system creates a token every time a user or a session begins. At the completion of a session, the token is destroyed.

B The authentication process uses a Key Distribution Center (KDC) to orchestrate the entire process. The KDC authenticates the network. Principals can be users, programs, or systems. The KDC provides a ticket to the network. Once this ticket is issued, it can be used to authenticate against other principals. This occurs automatically when a request or service is performed by another network.

C The initiator sends a logon request from the client to the server. The server sends a challenge back to the client. The challenge is encrypted and then sent back to the server. The server compares the value from the client and if the information matches, the server grants authorization. If the response fails, the session fails and the request phase starts over.

D A certificate being handed from the server to the client once authentication has been established. If you have a pass, you can wander throughout the network BUT limited access is allowed.

Which of the following methods of authentication makes use of hand scanners, fingerprints, retinal scanners or DNA structure to identify the user?

Which of the following authentication methods increases the security of the authentication process because it must be in your physical possession?

A Smart Cards

B Kerberos


Which of the following statements regarding authentication protocols is FALSE?

A PAP is insecure because usernames and passwords are sent over the network in clear text

B CHAP is more secure than PAP because it encrypts usernames and passwords before they are sent over the network

C RADIUS is a client/server-based system that provides authentication, authorization, and accounting services for remote dial-up access

D MS-CHAP version 1 is capable of mutual authentication of both the client and the server

QUESTION 24:

Which of the following is a solution that you can implement to protect against an intercepted password?

A Implement a VPN (Virtual Private Network)

B Implement PPTP (Point-to-Point Tunneling Protocol)

C Implement a one time password

D Implement complex password requirements


QUESTION 25:

Choose the important consideration to bear in mind regarding the Kerberos authentication system.

A Kerberos authentication is at risk to man in the middle attacks

B Kerberos authentication tickets can be spoofed by hackers using replay attacks

C Kerberos authentication requires a centralized managed database of all user account and resource passwords

D Kerberos authentication uses clear text passwords

QUESTION 26:

You work as the security administrator at Certkiller.com. You must implement an authentication protocol that uses only encrypted passwords during the authentication process.

Choose the authentication protocol that accomplishes this.

A PPTP (Point-to-Point Tunneling Protocol)

B SMTP (Simple Mail Transfer Protocol)

At which stage does the CHAP protocol perform the handshake process? Choose the best complete answer.

A At the stage when the connection is established and at whichever time after the connection has been established

B At the stage when the connection is established and when the connection is disconnected

C At the stage when the connection is established

D At the stage when the connection is disconnected

B Disable all unused features of the web browser

C Only use a VPN (Virtual Private Network) connection to connect to the Internet

D Deploy a filtering policy for unknown and illegal websites that you do not want users to access

QUESTION 29:


Choose the figure which represents the number of ports in the TCP/IP (Transmission Control Protocol/Internet Protocol) which are vulnerable to being scanned, attacked, and exploited.

Which one of the options below is correct regarding the DoS (Denial of Service) attack?

A Preventing access to resources by users authorized to use those resources

B Use of multiple computers to attack a single organization

C Placing a computer system between the sender and receiver to capture information

D Listening or overhearing parts of a conversation

QUESTION 33:

Which one of the options below is correct regarding the DDoS (Distributed Denial of Service) attack?

A Listening or overhearing parts of a conversation

B Placing a computer system between the sender and receiver to capture information

C Use of multiple computers to attack a single organization

D Preventing access to resources by users authorized to use those resources

QUESTION 34:

Which of the following attacks would involve bringing down an e-commerce website to prevent or deny usage by legitimate customers?

A DoS

B Inception


B Back Door Attacks

C Man In The Middle


Which of the following options is the correct sequence for the TCP Three-Way Handshake?

A Host A, SYN, SYN/ACK, ACK, Host B

B Host A, ACK, SYN/ACK, Host B, SYN

C Host A, SYN/ACK, ACK, SYN, Host B

D Host A, ACK, SYN/ACK, SYN, Host B

QUESTION 41:

Which of the following attacks is being referred to if the attack involves the attacker gaining access to a host in the network and logically disconnecting it?

A Post Office Protocol, version 3 (POP3)

B Simple Mail Transfer Protocol (SMTP)

C Internet Control Message Protocol (ICMP)

D Internet Message Access Protocol, version 4 (IMAP4)

QUESTION 43:

Which of the following protocols is used to transmit e-mail between an e-mail client and an e-mail server?

A Hypertext Transfer Protocol (HTTP)

B Post Office Protocol, version 3 (POP3)

C Simple Mail Transfer Protocol (SMTP)

D Internet Control Message Protocol (ICMP)


Which of the following attacks is being referred to if packets are not connection-oriented and do not require the synchronization process?

Which of the following attacks uses IP spoofing and broadcasting to send a PING to a group of hosts in a network?


C Man in the middle attack

D Blue Screen of Death attack

E SYN flood attack

From the listing of attacks, which uses either improperly formatted MTUs (Maximum Transmission Unit) or the ICMP (Internet Control Message Protocol) to crash the targeted network computer?

A A man in the middle attack

B A smurf attack

C A Ping of Death attack

D TCP SYN (Transmission Control Protocol / Synchronized) attack

QUESTION 54:

From the listing of attacks, choose the attack which misuses the TCP (Transmission Control Protocol) three-way handshake process, in an attempt to overload network servers, so that authorized users are denied access to network resources.

A Man in the middle attack


QUESTION 56:

You work as the security administrator at Certkiller.com. While monitoring network traffic, you find that your domain name server is resolving the domain name to the incorrect IP (Internet Protocol) address. You discover that Internet traffic is being misdirected.

You immediately suspect that an intruder has launched a malicious attack against the network. Which type of network attack is in progress?

A DoS (Denial of Service) attack

B Spoofing attack

C Brute force attack

D Reverse DNS (Domain Name Service)

QUESTION 57:

You work as the security administrator at Certkiller.com. While monitoring network traffic, you find that an intruder has managed to access resources residing on your internal network.

You immediately attempt to find out where the attack is originating from. You discover that the source IP (Internet Protocol) addresses are originating from

A A virtual LAN (Local Area Network)

B A GRE (Generic Route Encapsulation) tunnel IP-IP (Internet Protocol-within-Internet Protocol Encapsulation Protocol)

C A PKI (Public Key Infrastructure)

D An enforcement of badge system

You work as the security administrator at Certkiller.com. You have received instruction from the CIO to assess the company's vulnerability with regard to well-known network attacks.

All users of the Certkiller.com network have been issued with a token and 4-digit personal identification number (PIN), which they use to access their computers. The token works by performing off-line checking for the correct PIN.

Which type of network attack is Certkiller.com at risk of?

Which of the following definitions can be correctly fitted to the Polymorphic Virus?

A Change form in order to avoid detection. These types of viruses attack your system, display a message on your computer, and delete files on your system.

B It attaches itself to another file, such as a word processing document. It may also arrive as part of an e-mail for a free game, software, or other file. When activated and performs its task, it infects all of the word processing or template files. Consequently, every new file will carry the virus.

C This virus will attempt to avoid detection by masking itself from applications. It may attach itself to the boot sector of the hard drive. When a system utility or program runs, the virus redirects commands around itself in order to avoid detection.

D It attacks or bypasses the antivirus software installed on a computer. You can consider it as an anti-antivirus. It can directly attack your antivirus software and potentially destroy the virus definition file of your antivirus software. Destroying this information without your knowledge would leave you with a false sense of security.

QUESTION 64:

Which of the following definitions can be correctly fitted to the Trojan Horse Virus?

A Polymorphic viruses change form in order to avoid detection. These types of viruses attack your system, display a message on your computer, and delete files on your system. The virus will attempt to hide from your antivirus software. Frequently, the virus will encrypt parts of itself to avoid detection. When the virus does this, it is referred to as mutation.

B It attaches itself to another file, such as a word processing document. It may also arrive as part of an e-mail for a free game, software, or other file. When activated and performs its task, it infects all of the word processing or template files. Consequently, every new file will carry the virus.

C This virus will attempt to avoid detection by masking itself from applications. It may attach itself to the boot sector of the hard drive. When a system utility or program runs, the virus redirects commands around itself in order to avoid detection.

D It attacks or bypasses the antivirus software installed on a computer. You can consider it as an anti-antivirus. It can directly attack your antivirus software and potentially destroy the virus definition file of your antivirus software. Destroying this information without your knowledge would leave you with a false sense of security.

B It attaches itself to another file, such as a word processing document. It may also arrive as part of an e-mail for a free game, software, or other file. When activated and performs its task, it infects all of the word processing or template files. Consequently, every new file will carry the virus.

C This virus will attempt to avoid detection by masking itself from applications. It may attach itself to the boot sector of the hard drive. When a system utility or program runs, the virus redirects commands around itself in order to avoid detection.

D It attacks or bypasses the antivirus software installed on a computer. You can consider it as an anti-antivirus. It can directly attack your antivirus software and potentially destroy the virus definition file of your antivirus software. Destroying this information without your knowledge would leave you with a false sense of security.

QUESTION 66:

Which of the following definitions can be correctly fitted to the Multipartite Virus?

A This virus attacks your system in multiple ways. This virus may attempt to infect your boot sector, infect all of your executable files, and destroy your applications files. The hope here is that you will not be able to correct all of the problems and will allow the infestation to continue.

B This virus is designed to make itself difficult to detect or analyze. These viruses will cover themselves with "protective code" that stops debuggers or disassemblers from examining critical elements of the virus. The virus may be written in such a way that some aspects of the programming act as a decoy to distract analysis while the actual code hides in other areas in the program.

C This virus attaches itself to legitimate programs and then creates a program with a different file extension. This file may reside in the temporary directory of your system. When the user types the name of the legitimate program, the companion virus executes instead of the real program. This effectively hides the virus from the user. Many of the viruses that are used to attack Windows systems make changes to program pointers in the

Date posted: 12/07/2014, 23:20
