

Network Defense and Countermeasures Exam Bank
Course Introduction
Network Defense and Countermeasures explores the strategies, tools, and practices necessary to protect computer networks from malicious activities and cyberattacks. This course covers foundational concepts of network security, including threat analysis, risk assessment, and defense planning, as well as the implementation of firewalls, intrusion detection and prevention systems, and secure network architectures. Students will learn about emerging threats, cybersecurity policies, and incident response procedures, gaining hands-on experience in developing and applying robust countermeasures to safeguard organizational information assets.
Recommended Textbook
Security+ Guide to Network Security Fundamentals 4th Edition by Mark Ciampa
Available Study Resources on Quizplus
14 Chapters
588 Verified Questions
588 Flashcards
Source URL: https://quizplus.com/study-set/1054


Chapter 1: Introduction to Security
Available Study Resources on Quizplus for this Chapter
41 Verified Questions
41 Flashcards
Source URL: https://quizplus.com/quiz/20875
Sample Questions
Q1) Weakness in software can be more quickly uncovered and exploited with new software tools and techniques.
A) True
B) False
Answer: True
Q2) An information security ____ position focuses on the administration and management of plans, policies, and people.
A) manager
B) engineer
C) auditor
D) inspector
Answer: A
Q3) In information security, a loss can be ____.
A) theft of information
B) a delay in transmitting information that results in a financial penalty
C) the loss of good will or a reputation
D) all of the above
Answer: D
Q4) ____________________ provides tracking of events.
Answer: Accounting
To view all questions and flashcards with answers, click on the resource link above.

Chapter 2: Malware and Social Engineering Attacks
Available Study Resources on Quizplus for this Chapter
41 Verified Questions
41 Flashcards
Source URL: https://quizplus.com/quiz/20876
Sample Questions
Q1) A(n) ____ virus adds a program to the operating system that is a malicious copycat version to a legitimate program.
A) macro
B) metamorphic
C) boot
D) companion
Answer: D
Q2) A(n) ____________________ is either a small hardware device or a program that monitors each keystroke a user types on the computer's keyboard.
Answer: keylogger
Q3) What is a worm?
Answer: A worm is a malicious program designed to take advantage of a vulnerability in an application or an operating system in order to enter a computer. Once the worm has exploited the vulnerability on one system, it immediately searches for another computer that has the same vulnerability. A worm uses a network to send copies of itself to other devices also connected to the network.

Chapter 3: Application and Network Attacks
Available Study Resources on Quizplus for this Chapter
41 Verified Questions
41 Flashcards
Source URL: https://quizplus.com/quiz/20877
Sample Questions
Q1) ____ is for the transport and storage of data, with the focus on what the data is.
A) XML
B) HTML
C) SGML
D) SML
Answer: A
Q2) List three of the most common Web application attacks.
Answer: The most common Web application attacks are cross-site scripting, SQL injection, XML injection, and command injection/directory traversal.
Q3) The default root directory of the Microsoft Internet Information Services (IIS) Web server is ____.
A) /var/www
B) C:\Inetpub\wwwroot
C) /var/html
D) /etc/var/www
Answer: B
Q4) All Web traffic is based on the ____________________ protocol.
Answer: HTTP

Chapter 4: Vulnerability Assessment and Mitigating Attacks
Available Study Resources on Quizplus for this Chapter
41 Verified Questions
41 Flashcards
Source URL: https://quizplus.com/quiz/20878
Sample Questions
Q1) Describe a penetration testing report.
Q2) The first step in a vulnerability assessment is to determine the assets that need to be protected.
A) True
B) False
Q3) A(n) ____________________ scan uses various techniques to avoid detection.
Q4) ____ is a comparison of the present state of a system compared to its baseline.
A) Baseline reporting
B) Compliance reporting
C) Baseline assessment
D) Compliance review
Q5) A(n) ____ is hardware or software that captures packets to decode and analyze their contents.
A) application analyzer
B) protocol analyzer
C) threat profiler
D) system analyzer
Q6) A(n) ____________________ box test is one in which some limited information has been provided to the tester.
Q7) List two types of hardening techniques.

Chapter 5: Host, Application, and Data Security
Available Study Resources on Quizplus for this Chapter
41 Verified Questions
41 Flashcards
Source URL: https://quizplus.com/quiz/20879
Sample Questions
Q1) A ____ is designed to separate a nonsecured area from a secured area.
A) lockout
B) mantrap
C) closet
D) pit
Q2) A ____ is software that is a cumulative package of all security updates plus additional features.
A) feature pack
B) roll-up
C) service pack
D) patch
Q3) ____ is defined as a security analysis of the transaction within its approved context.
A) Content aggregation
B) Content inspection
C) Content delivery
D) Content management
Q4) Describe RFID tags.
Q5) ____________________ locks keep a record of when the door was opened and by which code.

Chapter 6: Network Security
Available Study Resources on Quizplus for this Chapter
41 Verified Questions
41 Flashcards
Source URL: https://quizplus.com/quiz/20880
Sample Questions
Q1) ____ is typically used on home routers that allow multiple users to share one IP address received from an Internet service provider (ISP).
A) PAT
B) NAT
C) PAN
D) PNAT
Q2) Describe all-in-one network security appliances.
Q3) Each operation in a computing environment starts with a ____.
A) system call
B) unit call
C) hardware instruction
D) system exception
Q4) List and describe three features of Internet content filters.
Q5) A ____ is a computer or an application program that intercepts a user request from the internal secure network and then processes that request on behalf of the user.
A) proxy server
B) DNS server
C) VPN server
D) telnet server

Chapter 7: Administering a Secure Network
Available Study Resources on Quizplus for this Chapter
41 Verified Questions
41 Flashcards
Source URL: https://quizplus.com/quiz/20881
Sample Questions
Q1) ____ provides a greater degree of security by implementing port-based authentication.
A) IEEE 802.3ad
B) IEEE 802.11n
C) IEEE 802.1x
D) IEEE 802.1z
Q2) List the steps in an 802.1x authentication procedure.
Q3) IEEE 802.1x is commonly used on wireless networks.
A) True
B) False
Q4) TCP port ____ is the FTP control port used for passing FTP commands.
A) 19
B) 20
C) 21
D) 22
Q5) IP telephony and Voice over IP (VoIP) are identical.
A) True
B) False
Q6) What are the two types of community strings?
Q7) List and describe three benefits offered by IP telephony.

Chapter 8: Wireless Network Security
Available Study Resources on Quizplus for this Chapter
41 Verified Questions
41 Flashcards
Source URL: https://quizplus.com/quiz/20882
Sample Questions
Q1) Most Bluetooth devices use a Class 2 radio that has a range of ____ feet.
A) 10
B) 18
C) 15
D) 33
Q2) When a wireless device looks for beacon frames it is known as ____________________.
Q3) Because antennas are generally positioned to provide the broadest area of coverage, APs should be located at the end of the coverage area.
A) True
B) False
Q4) Describe a piconet.
Q5) The SSID can generally be any alphanumeric string from 2 to ___ characters.
A) 23
B) 28
C) 32
D) 34
Q6) On a piconet, slave devices that are connected but are not actively participating are called ____________________ slaves.

Chapter 9: Access Control Fundamentals
Available Study Resources on Quizplus for this Chapter
41 Verified Questions
41 Flashcards
Source URL: https://quizplus.com/quiz/20883
Sample Questions
Q1) Authorization and access are viewed as synonymous and in access control, they are the same step.
A) True
B) False
Q2) A user accessing a computer system must present credentials or ____ when logging on to the system.
A) access
B) authorize
C) token
D) identification
Q3) ____ is considered a more "real world" access control than the other models because the access is based on a user's job function within an organization.
A) Role Based Access Control
B) Rule Based Access Control
C) Discretionary Access Control
D) Mandatory Access Control
Q4) Often ____________________ results from a single user being trusted with a set of responsibilities that place the person in complete control of the process.

Chapter 10: Authentication and Account Management
Available Study Resources on Quizplus for this Chapter
41 Verified Questions
41 Flashcards
Source URL: https://quizplus.com/quiz/20884
Sample Questions
Q1) Windows Live ID was originally designed as a ____ system that would be used by a wide variety of Web servers.
A) federated identity management
B) liberated identity management
C) central identity management
D) distributed identity management
Q2) A ____ is a secret combination of letters, numbers, and/or characters that only the user should know.
A) token
B) password
C) biometric detail
D) challenge
Q3) Due to the limitations of online guessing, most password attacks today use ____.
A) offline cracking
B) online cracking
C) hash replay
D) token replay
Q4) Explain how an attacker can use a resetting attack.
Q5) Discuss the weaknesses of OpenID.
Q6) What are the three advantages of a rainbow table over other password attacks?

Chapter 11: Basic Cryptography
Available Study Resources on Quizplus for this Chapter
41 Verified Questions
41 Flashcards
Source URL: https://quizplus.com/quiz/20885
Sample Questions
Q1) Describe how a block cipher works.
Q2) The basis for a digital signature rests on the ability of ____ keys to work in both directions.
A) symmetric
B) shared
C) unique
D) asymmetric
Q3) ____ encryption uses two keys instead of only one and these keys are mathematically related.
A) Symmetric
B) Asymmetric
C) Shared
D) Public key
Q4) The ____ algorithm is the most common asymmetric cryptography algorithm and is the basis for several products.
A) AES
B) RSA
C) Twofish
D) Blowfish
Q5) Cleartext data that is to be encrypted is called ____________________.

Chapter 12: Advanced Cryptography
Available Study Resources on Quizplus for this Chapter
41 Verified Questions
41 Flashcards
Source URL: https://quizplus.com/quiz/20886
Sample Questions
Q1) List three pieces of information a digital certificate typically contains.
Q2) Public keys can be stored by embedding them within digital certificates, while private keys can be stored on the user's local system.
A) True
B) False
Q3) ____ can be used to ensure the integrity of a file by guaranteeing that no one has tampered with it.
A) Blocking
B) Hashing
C) Encrypting
D) Cloning
Q4) At the ____ stage of the certificate life cycle, the certificate is no longer valid.
A) creation
B) suspension
C) revocation
D) expiration
Q5) Explain how digital certificates are managed.
Q6) List three general duties of a CA.
Q7) List the four stages of a certificate life cycle.

Chapter 13: Business Continuity
Available Study Resources on Quizplus for this Chapter
41 Verified Questions
41 Flashcards
Source URL: https://quizplus.com/quiz/20887
Sample Questions
Q1) Describe the Windows page file and discuss why it can be important for evidence recovery.
Q2) System availability is often expressed as a percentage of uptime in a year.
A) True
B) False
Q3) The ____ response team serves as first responders whenever digital evidence needs to be preserved.
A) incident
B) computer forensics
C) risk
D) emergency
Q4) ____________________ is data about data.
Q5) Most metadata about a file is generated and recorded automatically without the user's knowledge.
A) True
B) False
Q6) Describe what happens when the response team arrives and secures the crime scene.
Q7) RAID 0 technology is based on ____________________.
Q8) Discuss the purpose and importance of the chain of custody.

Chapter 14: Risk Mitigation
Available Study Resources on Quizplus for this Chapter
41 Verified Questions
41 Flashcards
Source URL: https://quizplus.com/quiz/20888
Sample Questions
Q1) A(n) ____ approach is the art of helping an adult learn.
A) andragogical
B) pedagogical
C) deontological
D) metagogical
Q2) ____ can be defined as the study of what a group of people understand to be good and right behavior and how people make those judgments.
A) Values
B) Morals
C) Ethics
D) Standards
Q3) When designing a security policy, many organizations follow a standard set of
Q4) ____ can be defined as the "framework" and functions required to enable incident response and incident handling within an organization.
A) Incident reporting
B) Incident management
C) Incident handling
D) Incident planning