

Network Security Exam Materials

Course Introduction
Network Security explores the principles, technologies, and practices essential to protecting digital networks and data from unauthorized access, misuse, and attacks. The course covers foundational topics such as cryptography, firewalls, intrusion detection and prevention systems, and secure protocols. Students will examine real-world threats including malware, phishing, and denial-of-service attacks, and learn methods for risk assessment and mitigation. Through practical exercises and case studies, participants develop the skills necessary to design, implement, and manage secure network infrastructures in both enterprise and cloud environments.
Recommended Textbook
Security+ Guide to Network Security Fundamentals, 4th Edition, by Mark Ciampa
Available Study Resources on Quizplus
14 Chapters
588 Verified Questions
588 Flashcards
Source URL: https://quizplus.com/study-set/1054

Chapter 1: Introduction to Security
Available Study Resources on Quizplus for this Chapter
41 Verified Questions
41 Flashcards
Source URL: https://quizplus.com/quiz/20875
Sample Questions
Q1) Recent employment trends indicate that employees with security certifications are in high demand.
A) True
B) False
Answer: True
Q2) Briefly describe computer spies.
Answer: A computer spy is a person who has been hired to break into a computer and steal information. Spies do not randomly search for unsecured computers to attack as script kiddies and other attackers do; rather, spies are hired to attack a specific computer or system that contains sensitive information. Their goal is to break into that computer and take the information without drawing any attention to their actions. Spies generally possess excellent computer skills to attack and then cover their tracks.
Q3) The single most expensive malicious attack was the 2000 ____, which cost an estimated $8.7 billion.
A) Nimda
B) Slammer
C) Love Bug
D) Code Red
Answer: C
To view all questions and flashcards with answers, click on the resource link above.

Chapter 2: Malware and Social Engineering Attacks
Available Study Resources on Quizplus for this Chapter
41 Verified Questions
41 Flashcards
Source URL: https://quizplus.com/quiz/20876
Sample Questions
Q1) A(n) ____ virus adds a program to the operating system that is a malicious copycat version of a legitimate program.
A) macro
B) metamorphic
C) boot
D) companion
Answer: D
Q2) In the ____________________ technique, the virus is divided into several parts and the parts are placed at random positions throughout the host program, overwriting the original contents of the host.
Answer: split infection
Q3) ____ is a software program that delivers advertising content in a manner that is unexpected and unwanted by the user.
A) Adware
B) Keylogger
C) Spam
D) Trojan
Answer: A

Chapter 3: Application and Network Attacks
Available Study Resources on Quizplus for this Chapter
41 Verified Questions
41 Flashcards
Source URL: https://quizplus.com/quiz/20877
Sample Questions
Q1) A(n) ____________________ is a method for adding annotations to the text so that the additions can be distinguished from the text itself.
Answer: markup language
Q2) Describe a cross-site scripting (XSS) attack.
Answer: Unlike other Web application attacks, a cross-site scripting (XSS) attack injects scripts into a Web application server that will then direct attacks at clients. It does not attempt to maliciously attack a Web application server to steal content or deface it. Instead, it uses the server as a platform to launch attacks on other computers that access it.
Q3) The SQL injection statement ____ determines the names of different fields in a database.
A) whatever AND email IS NULL; --
B) whatever; AND email IS NULL; --
C) whatever" AND email IS NULL; --
D) whatever' AND email IS NULL; --
Answer: D
Q4) The ____________________ directory is a specific directory on a Web server's file system.
Answer: root

Chapter 4: Vulnerability Assessment and Mitigating Attacks
Available Study Resources on Quizplus for this Chapter
41 Verified Questions
41 Flashcards
Source URL: https://quizplus.com/quiz/20878
Sample Questions
Q1) When using a black box test, many testers use ____________________ tricks to learn about the network infrastructure from inside employees.
Q2) The end product of a penetration test is the penetration ____.
A) test profile
B) test report
C) test system
D) test view
Q3) The ____ is the expected monetary loss every time a risk occurs.
A) SLE
B) ARO
C) ALE
D) SRE
Q4) A ____ in effect takes a snapshot of the current security of the organization.
A) threat analysis
B) vulnerability appraisal
C) risk assessment
D) threat assessment
Q5) Describe the purpose of a honeypot.
Q6) List and describe two common uses for a protocol analyzer.
Q7) List and describe the three categories that TCP/IP divides port numbers into.

Chapter 5: Host, Application, and Data Security
Available Study Resources on Quizplus for this Chapter
41 Verified Questions
41 Flashcards
Source URL: https://quizplus.com/quiz/20879
Sample Questions
Q1) ID badges that can be detected by a proximity reader are often fitted with tiny radio ____ tags.
A) wave
B) pulse
C) AFID
D) RFID
Q2) ____ is defined as a security analysis of the transaction within its approved context.
A) Content aggregation
B) Content inspection
C) Content delivery
D) Content management
Q3) A ____ is software that is a cumulative package of all security updates plus additional features.
A) feature pack
B) roll-up
C) service pack
D) patch
Q4) ____________________ locks keep a record of when the door was opened and by which code.

Chapter 6: Network Security
Available Study Resources on Quizplus for this Chapter
41 Verified Questions
41 Flashcards
Source URL: https://quizplus.com/quiz/20880
Sample Questions
Q1) Workgroup switches must work faster than core switches.
A) True
B) False
Q2) ____ switches are connected directly to the devices on a network.
A) Workgroup
B) Distribution
C) Core
D) Intermediate
Q3) Layer 5 of the OSI model is the ____ layer.
A) Network
B) Data Link
C) Session
D) Presentation
Q4) IP addresses are ____-bit addresses.
A) 4
B) 8
C) 16
D) 32
Q5) What are the two TCP/IP protocols used by e-mail systems to send and receive messages?

Chapter 7: Administering a Secure Network
Available Study Resources on Quizplus for this Chapter
41 Verified Questions
41 Flashcards
Source URL: https://quizplus.com/quiz/20881
Sample Questions
Q1) The most common protocol suite used today for local area networks (LANs) as well as the Internet is ____.
A) UDP
B) ASN.1
C) TCP/IP
D) BER
Q2) In the ____ model, the cloud computing vendor provides access to the vendor's software applications running on a cloud infrastructure.
A) Cloud Application as a Service
B) Cloud Infrastructure as a Service
C) Cloud Software as a Service
D) Cloud System as a Service
Q3) ____________________ computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources that can be rapidly provisioned and released with minimal management effort or service provider interaction.
Q4) A(n) ____________________ is a record of events that occur.
Q5) List and describe three benefits offered by IP telephony.
Q6) Describe one way to use FTP on a local host computer.

Chapter 8: Wireless Network Security
Available Study Resources on Quizplus for this Chapter
41 Verified Questions
41 Flashcards
Source URL: https://quizplus.com/quiz/20882
Sample Questions
Q1) A(n) ____ packet contains a field that indicates the function of the packet and an identifier field used to match requests and responses.
A) ICMP
B) TKIP
C) EAP
D) RADIUS
Q2) The IEEE 802.15.1-2005 Wireless Personal Area Network standard was based on the ____ specifications.
A) Bluetooth v2.1
B) Bluetooth v1.2
C) Bluetooth v1.0
D) Bluetooth v1.1
Q3) ____ is considered a more flexible EAP scheme because it creates an encrypted channel between the client and the authentication server.
A) TKIP
B) LEAP
C) PEAP
D) ICMP
Q4) Describe how wireless VLANs can be configured.

Chapter 9: Access Control Fundamentals
Available Study Resources on Quizplus for this Chapter
41 Verified Questions
41 Flashcards
Source URL: https://quizplus.com/quiz/20883
Sample Questions
Q1) Describe LDAP injection attacks.
Q2) A user under Role Based Access Control can be assigned only one ____.
A) role
B) group
C) label
D) access list
Q3) A computer user may be authorized or granted permission to log on to a system by presenting valid credentials, yet that authorization does not mean that the user can then access any and all resources.
A) True
B) False
Q4) TACACS+ and RADIUS are designed to support hundreds of remote connections.
A) True
B) False
Q5) A RADIUS ____________________ is a computer that forwards RADIUS messages among RADIUS clients and RADIUS servers.
Q6) Describe how Kerberos works.
Q7) Discuss the two significant weaknesses of DAC.
Q8) ____________________ is granting or denying approval to use specific resources.
Q9) List two of the most common types of authentication and AA servers.

Chapter 10: Authentication and Account Management
Available Study Resources on Quizplus for this Chapter
41 Verified Questions
41 Flashcards
Source URL: https://quizplus.com/quiz/20884
Sample Questions
Q1) A(n) ____________________ attack begins with the attacker creating encrypted versions of common dictionary words, and then comparing them against those in a stolen password file.
Q2) The weakness of passwords centers on ____.
A) human memory
B) encryption technology
C) handshake technology
D) human reliability
Q3) Using a rainbow table to crack a password requires three steps.
A) True
B) False
Q4) Windows Live ID was originally designed as a ____ system that would be used by a wide variety of Web servers.
A) federated identity management
B) liberated identity management
C) central identity management
D) distributed identity management
Q5) A token ____________________ is a unique random string of characters that is encrypted to protect the token from being used by unauthorized parties.

Chapter 11: Basic Cryptography
Available Study Resources on Quizplus for this Chapter
41 Verified Questions
41 Flashcards
Source URL: https://quizplus.com/quiz/20885
Sample Questions
Q1) A ____ is a number divisible only by itself and 1.
A) prime number
B) prime decimal
C) compound number
D) neutral number
Q2) Cleartext data that is to be encrypted is called ____________________.
Q3) Steganography can use image files, audio files, or even video files to contain hidden information.
A) True
B) False
Q4) Discuss how HMAC works.
Q5) ____ encryption uses two keys instead of only one and these keys are mathematically related.
A) Symmetric
B) Asymmetric
C) Shared
D) Public key
Q6) Discuss how cryptography can help ensure the availability of the data.
Q7) A(n) ____________________ is a method used by operating systems to store, retrieve, and organize files.

Chapter 12: Advanced Cryptography
Available Study Resources on Quizplus for this Chapter
41 Verified Questions
41 Flashcards
Source URL: https://quizplus.com/quiz/20886
Sample Questions
Q1) Cryptography cannot protect data as it is being transported across a network.
A) True
B) False
Q2) Explain how digital certificates are managed.
Q3) In SSH, the ____________________ command allows a user to log on to a remote computer.
Q4) Key ____ removes all private and public keys along with the user's identification information in the CA.
A) renewal
B) escrow
C) generation
D) destruction
Q5) At the ____ stage of the certificate life cycle, the certificate is no longer valid.
A) creation
B) suspension
C) revocation
D) expiration
Q6) Identify the general duties of an RA.
Q7) List the three PKI trust models that use a CA.

Chapter 13: Business Continuity
Available Study Resources on Quizplus for this Chapter
41 Verified Questions
41 Flashcards
Source URL: https://quizplus.com/quiz/20887
Sample Questions
Q1) A ____ typically begins by identifying threats through a risk assessment.
A) BRA
B) BAA
C) BPA
D) BIA
Q2) A(n) ____ backup is an evidence-grade backup because its accuracy meets evidence standards.
A) baseline
B) mirror image
C) logical image
D) thin image
Q3) A ____ is a snapshot of the current state of the computer that contains all current settings and data.
A) system standard
B) system view
C) system image
D) system baseline
Q4) What are the steps in damage control?
Q5) Discuss the purpose and importance of the chain of custody.
Q6) Describe the purpose of a disaster recovery plan.

Chapter 14: Risk Mitigation
Available Study Resources on Quizplus for this Chapter
41 Verified Questions
41 Flashcards
Source URL: https://quizplus.com/quiz/20888
Sample Questions
Q1) A ____ is a collection of suggestions that should be implemented.
A) security policy
B) baseline
C) guideline
D) security procedure
Q2) ____ can be defined as the study of what a group of people understand to be good and right behavior and how people make those judgments.
A) Values
B) Morals
C) Ethics
D) Standards
Q3) ____ learners tend to sit in the middle of the class and learn best through lectures and discussions.
A) Visual
B) Auditory
C) Kinesthetic
D) Spatial
Q4) Most people are taught using a(n) ____________________ approach.
Q5) What are the duties of the CMT?
Q6) List one reason why social networking sites are popular with attackers.