WARNING: This site is intended for online use only; mass-downloading of pages degrades the server and is prohibited.
If you attempt to use tools to mass-download the site, you may be blocked permanently by automated software.
If you want to read this CertiGuide offline, please use one of the links on the left to purchase a convenient PDF copy. Thank you.

Get this Security+ CertiGuide for your own computer.
Click Here!
Use coupon code "certiguide" to save 20%!
(Expires 2004/12/31)

Also available: 300-question Security+ practice test!
Get It Here!

Google
Web CertiGuide






Table Of Contents  CertiGuide to Security+
 9  Chapter 3:  Infrastructure Security (Domain 3.0; 20%)

Previous Topic/Section
3.6  Summary
Previous Page
Pages in Current Topic/Section
1
Next Page
 3.8  Success Answers
Next Topic/Section

3.7  Success Questions

1. IDSes can be described in terms of what fundamental functional components?

A. Information Sources

B. Analysis

C. Response

D. No Answer is Correct

 

2. The majority of commercial intrusion detection systems are:

A. Network-based

B. Host-based

C. Identity-based

D. Signature-based

 

3. Which of the following is a drawback of Network-based IDSs?

A. It cannot analyze encrypted information.

B. It is very costly to set up.

C. It is very costly to manage.

D. It is not effective

 

4. Host-based IDSs normally utilize information from which of the following sources?

A. Operating system audit trails and system logs

B. Operating system audit trails and network packets

C. Network packets and system logs

D. Operating system alarms and system logs

 

5. What is known as a decoy system designed to lure a potential attacker away from critical systems?

A. Vulnerability Analysis System

B. Honey Pot

C. Padded Cell

D. File Integrity Checker

 

6. Which of the following attacks can force a browser to come to your WWW server instead of the real site?

A. DNS spoofing

B. Hijacking

C. Man in the middle

D. Land attack

 

7. A PBX with a maintained modem attached should

A. Be turned off except during actual maintenance periods

B. Have strong authentication for use

C. Be left on for high priority updates to the PBX software

D. PBXes don't use modems

 

8. When backing up using tape the administrator needs to

A. Periodically confirm the tape is still valid

B. Clean the tape drive

C. Store the tape off-site in a secured area

D. All of these choices are correct

E. No choice is correct

 

9. Choose the technology that enables the use of one-time passwords or pass phrases.

A. Biometrics

B. Smartcards

C. Genius cards

D. USB hub

E. No choice is correct

 

10. Classic ON/NOS hardening includes

A. Disabling unneeded protocols and services

B. Applying patches

C. Monitoring email and web sites for new issues

D. All choices are correct


Previous Topic/Section
3.6  Summary
Previous Page
Pages in Current Topic/Section
1
Next Page
 3.8  Success Answers
Next Topic/Section

If you find CertiGuide.com useful, please consider making a small Paypal donation to help the site, using one of the buttons below. You can also donate a custom amount using the far right button (not less than $1 please, or PayPal gets most/all of your money!) In lieu of a larger donation, you may wish to consider buying an inexpensive PDF equivalent of the CertiGuide to Security+ from StudyExam4Less.com. (Use coupon code "certiguide" by December 31, 2004 to save 20%!) Thanks for your support!
Donate $2
Donate $5
Donate $10
Donate $20
Donate $30
Donate: $


Home - Table Of Contents - Contact Us

CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004

Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version © Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.