Saturday 30 May 2020

ICSI | Certified Network Security Specialist Answer Keys

ICSI | Certified Network Security Specialist (CNSS)
Quiz 1:

1: Trivial File Transfer Protocol (TFTP) runs on which port?

69

2: Which of the following is NOT one of the three major classes of threats?

Online auction fraud

3: Malware is NOT a common threat for systems.

False

4: Class A IPs with range 0-126 are reserved for multicasting.

False

5: Subnetting is used to split a network into smaller portions.

True

6: The most desirable approach to security is one which is:

Layered and Dynamic

7: Server Message Block (SMB) protocol runs on which port?

445

8: Blocking attacks seek to accomplish what?


Prevent legitimate users from accessing a system

Quiz 2:

1: The most common form of session hijacking is the man-in-the-middle attack

True

2: Smurf attack is a popular DoS attack

True

3: To be protected against Ping of death attacks ensure that all operating systems are patched.

True

4: Which of the following is the best definition for IP spoofing?

Sending a packet that appears to come from a trusted IP address

5: What is a Trojan horse? (2 Answers)

Sorry about this answer, but you can still pass with 60% by answering the others

6: Which of the following is the best definition of a virus?

Software that self-replicates

7: What is the danger inherent in IP spoofing attacks?

Many firewalls do not examine packets that seem to come from within the network

8: The point of hijacking a connection is to exploit trust and gain access to a system.

True

9: Which of the following best describes session hacking?

Taking control of the communication link between two machines

10: The point of hijacking a connection is to exploit trust and gain access to a system.


True

Quiz 3:

1: What is the most important security advantage to NAT

It hides internal network addresses

1: A device that hides its internal IP addresses is called?

Proxy server

2: Why is a stateful packet inspection firewall less susceptible to spoofing attacks?

It examines the source IP of all packets

3: What type of firewall requires client applications to be authorised to connect?

Application gateway

4: Which of the following is an advantage of the network host based configuration?

It is inexpensive or free

5: Which type of firewall is considered the most secure?

stateful packet inspection

6: Why might a proxy gateway be susceptible to a flood attack?

its authentication method takes time and resources XXX

7: Which of the following can be shipped preconfigured?

Network host-based firewalls XX

8: Which of the following are four basic types of Firewalls?

Packet filtering, app gateway, circuit level, stateful packet inspection

10: Which of the following is a combination of firewalls?


Screened firewalls

Quiz 4:

1: A profiling technique that monitors how applications use resources is called?

executable profiling

2: What is another term for preemptive blocking?

Banishment vigilance

3: Specter is an advanced IDS system

False

4: Which of the following is NOT a profiling strategy used in anomaly detection?

System monitoring

5: What type of IDS is Snort?

Host-based

6: Attempting to attract intruders to a system setup for monitoring them is called?

intrusion detection

7: A system that is setup for attracting and monitoring intruders is called?

honeypot

8: Specter aggressive mode tries to trace the attacker and gain its identity

True

9: A series of ICMP packets sent to your ports in sequence might indicate what?

Sniffing

10: IDS is an acronym for:


Intrusion-detection system


Quiz 5:

1: What is a digital signature?

a piece of encrypted data added to other data to verify the sender

2: Which of the following is a symmetric key system using blocks?

DES

3: Secure Multipurpose Internet Mail Extensions (S/MIME) use X.509 certificates to secure e-mail communication

True

4: Which of the following is an encryption method developed by three mathematicians?

RSA

5: Which hashing algorithm do modern Windows systems use?

NTLM

6: Which of the following encryption algorithms is a block cipher and uses the Rijndael algorithm?

AES

7: What is the purpose of a certificate?

To validate the sender of a digital signature or software

8: Which of the following uses key sizes equal to 128, 192 and 256 bits?

AES

9: Blowfish is an asymmetric stream cipher

False

10: Which encryption algorithm uses a variable length symmetric key?


Blowfish

Quiz 6:

1: Which of the following is an important security feature in CHAP

It periodically re-authenticates

2: What does L2TP stand for?

Layer 2 Tunnelling protocol

3: PPTP is based on which protocol?

PPP

4: Which authentication protocols are available under PPTP?

EAP, CHAP

5: Which of the following is a weakness in PPTP?

No encryption

6: The ESP Protocol provides data confidentiality and authentication.

True

7: Which of the following is generally considered the least secure?

PAP

8: What is the purpose of IKE?

Key exchange

9: PPTP is an acronym for which of the following?

point-to-point tunneling protocol

10: Openswan is a VPN solution provided by CISCO.


False

Quiz 7:

1: What maximum password age does Microsoft recommend?

42 Days

2: Which operating systems require periodic patches?

All

3: What is the rule for unused services on any computer?

Turn them off

4: What account lockout threshold does the NSA recommend?

3 tries

5: What type of encryption does EFS utilize?

Public key encryption

6: What level of privileges must all users have?

Least possible

7: Which of the following best describes the registry

A database containing system settings

8: A Linux system has a repository of packages available to be installed on the system

True

9: The command sudo find / -perm -4000 checks for the location of suid binaries

True

10: What minimum password length does the NSA recommend?


12

Quiz 8:

1: The unfortunate side effect of heuristic scanning is that it can easily lead to false positives

True

2: What is heuristic scanning?

Scanning using a rule-based approach

3: What is active code scanning?

Scanning for active web elements (scripts, ActiveX, and so on)

4: What is the most common method of virus propagation?

Through e-mail attachments

5: In the context of viruses what is a .dat file?

A file with virus definition

6: Which of the following should be the least important consideration when purchasing antivirus software?

Cost of the software

7: In the event of a virus infection, the first priority is to contact the IT department.

False

8: Which of the below are famous Trojan Horses? (Choose two)

Netbus FinFisher

9: The first known ransomware was the 1995 PC Trojan

False

10: What malicious activity did the Rombertik virus attempt?


It overwrites the master boot record

Quiz 9:

1: Passwords must always be shared with any person for any reason.

False

2: What should an employee do if she believes her password has been revealed to another party?

Change her password immediately

3: Which of the following is NOT an example of a user password policy?

Users may share passwords only with their assistants

4: Instant messaging can be used not only for business communication but also for personal communication.

False

5: Always open email attachments coming from unknown sources.

False

6: Logon accounts, VPN, network and any other resources should NOT be disabled for leaving employees.

False

7: Which of the following should be recommended as acceptable e-mail attachments?

Attachments the user expected

8: Which of the following is NOT an area user policies need to cover.

If and when to share passwords

9: What is the best rule of thumb in access control?

Allow the least access job requirements allow

10: Which of the following is the best reason users should be prohibited from installing software?


If the user's account does not have privileges to install,

Quiz 10:

1: Ports 1 through 1024 are NOT assigned and used for well-known protocols

False

2: What is NOT a primary reason for documenting your security activity and audits?

To demonstrate how much work the network administrator usually does

3: All visitors to the building must be logged in and escorted by an employee at all times.

True

4: Open Web Application Security Project is the standard for risk assessment.

False

5: Which of the following is the least necessary security device/software

Encryption for all internal transmissions

6: Which of the following best describes risk assessment.

evaluating the security of a network

7: Virus attacks utilize uncommon ports to gain access to a system.

True

8: You should have a document that lists the physical security that is in place

True

9: Which of the following is the most fundamental aspect of security?

Patching the operating system

10: All employees within a company must have access to the server room.

False

Quiz 11: 

1: Which of the following describes ISO 27003?

ISMS Implementation

2: What standard should you consult for managing incident response?

ISO 27035

3: Which U.S. standard should you consult to guide you in developing security policies?

NIST SP 800-14

4: What is the acronym of GDPR?

General Data Protection Regulation

5: NIST SP 800-30 Rev.1 is a standard for conducting risk assessments.

True

6: Which U.S. standard covers risk assessment?

NIST SP 800-30

7: PCI DSS is a proprietary information security standard for organisations that handle cardholder data.

True

8: Which standard defines Management System Auditing?

ISO 27007

9: ISO 27035 describes incident management.

True

10: What does Step 3 in NIST 800-30 Rev.1 clarify?

Vulnerability Identification

Quiz 12:

1: Which of the following is NOT considered a disaster?

Server maintenance

2: How should a company test the integrity of its backup data

restoring the backup

3: A common method of securing building access is to have a locked door or barrier requiring employee ID.

True

4: The disaster recovery plan has as a major goal to get the organisation back to full functionality.

True

5: Which RAID level offers dual parity

6

6: Which RAID level uses mirroring?

1

7: RAID 0 does not offer fault tolerance

True

8: The plan for recovering from an IT disaster and having the IT infrastructure back in operation is called?

DRP

9: What is a mantrap?

A double door facility used for physical access control

10: Cameras must be placed so that they have an unobstructed view of the areas you want to monitor.

True

Quiz 13: 

1: If you send a SYN to an open port what is the correct response?

SYN/ACK

2: If you send a SYN to an open port what is the correct response?

Connect

3: From a port scanning you identified that port 88 is open. What does this tell you?

The target system uses Kerberos authentication

4: Julie has been hired to perform a penetration test on xyz.com. She begins by looking at IP address ranges owned by the company and details of domain name registration. She then goes to news groups and financial websites to see whether any of the company’s sensitive information or technical details are online. What is Julie doing?

Passive information gathering

5: Trying to identify machines on a target network is called?

Enumeration

6: Which of the following is the most reliable type of scan?


Connect

By Daniyal Younis