1. A hacker sends an e-mail message to everyone at your company. In the e-mail he alerts employees to a change in the health benefits Web site and requests users to follow a link to the new site, which, in fact, will capture the user's private information. What security-threatening strategy is the hacker attempting?
2. You work for a retailer that sells household goods online. The company has decided to redesign its network for better security. Included in this redesign is the addition of a new firewall. Assuming the firewall is placed between the Internet connection and the Web server, which of the following should be included in the firewall's configuration so that customers can still reach the Web site?
. Allow incoming TCP-based transmissions to port 80.
4. If you upgrade a 24-port hub that serves one of your organization's workgroups to a 24-port switch for better performance, how have you also improved security?
d. You have prevented the possibility of one client eavesdropping on the transmissions issued by another client connected to the switch.
5. You are alerted that suddenly 100% of the resources on your two core routers are being used and no legitimate traffic can travel into or out of your network. What kind of security attack are you most likely experiencing
a. Denial-of-service attack
6. What type of device guards against an attack in which a hacker modifies the IP source address in the packets she's issuing so that the transmission appears to belong to your network?
b. Proxy server
7. Which of the following devices can improve performance for certain applications, in addition to enhancing network security?
b. Proxy server
8. Which of the following can automatically detect and deny network access to a host whose traffic patterns appear suspicious?
9. Which of the following encryption methods provides the best security for data traveling over VPN connections?
10. Which of the following criteria could a router's ACL use for denying packets access to a private network?
a. Source IP address
11. Which of the following NOS logon restrictions is most likely to stop a hacker who is attempting to discover someone's password through a brute force or dictionary attack?
Number of unsuccessful logon attempts
12. If a firewall does nothing more than filter packets, at what layer of the OSI model does it operate?
13. If you are entering your account number and password in a Web form to gain access to your stock portfolio online, which of the following encryption methods are you most likely using?
15. Which of the following is one reason WEP is less secure than 802.11i?
b. WEP uses the same key for authentication and encryption every time a client connects, whereas 802.11i assigns keys dynamically to each transmission.
18. You are designing an 802.11g wireless network for a local café. You want the wireless network to be available to the café's customers, but not to anyone with a wireless NIC who happens to be in the vicinity. Which of the following security measures require customers to enter a network key to gain access to your network via the access point?