47 terms

CIW Web Security 1.3 Review

STUDY
PLAY

Terms in this set (...)

Which of the following is an effective way to thwart hacking programs that are designed to attack Web servers?
Change the default directory locations
What is the first step of a TCP-based connection?
The initiating computer performs an active open.
The portion of an operating system that transmits and receives information on a network is known as the:
TCP/IP protocol stack
Which of the following statements is true about the link/network access layer of the TCP/IP stack?
Little security protection is available for the link/network access layer
Which security management concept is the ability for a department to accurately determine the costs of using various networking security services?
Chargeback
Which of the following is a security principle that allows you to protect your network resources?
Provide training for end users and IT workers
What is TEMPEST?
A standard developed by the U.S. government to help control electromagnetic transmissions that interfere with network connectivity
Which statement accurately describes the default stance of an e-mail server?
Most e-mail servers do not examine message contents by default
Which step in security policy implementation ensures that security policy will change as technology advances?
Repeat the process and keep current
Which of the following statements is a good rule of thumb to observe in order to maintain a strong security system?
Assign as few a number of root and administrative accounts as possible
Jill has received several CGI scripts from the company developer. What should she do next to secure these scripts?
Review the scripts
Which security management concept is used to determine the existing workload of systems on the network
Performance management
Which of the following is a connectionless protocol often used for broadcast-type protocols, such as audio or video traffic?
UDP
A tool that can be used to monitor network activity, such as when a user logs in and out or sends an e-mail, is a:
log analysis tool
Which level of users needs to be kept aware of the latest tools that can be used to keep a site's security up to date?
Executives
What is the foundation on which all security decisions are made?
Security policy
Renee is implementing a new system. Which of the following is an important step she should take while implementing the system and testing new security settings?
Test her system against common hacker techniques
Which protocol communicates errors or other conditions at the network/Internet layer, and is part of a standard IP-enabled workstation?
ICMP
Simple Network Management Protocol (SNMP) allows administrators to check the status and sometimes modify the configuration of remote hosts, especially routers, switches and wireless devices. Of the three versions of SNMP, SNMPv1 is the most common and least secure because:
it uses a simple text string to authenticate users
To implement a successful security system, you should:
use as many security principles and techniques as you can to protect each resource.
What is the most common attack method against TCP?
SYN flood attack
What is the first step in implementing a security policy?
Publish the security policy
Which security policy implementation step includes changing system defaults?
Secure each resource and service
Which of the following ports are used by TCP and UDP to identify well-known services that a host can provide?
Ports 0 through 1023
Which ICMP message type is sent whenever the destination cannot handle the amount of traffic being received?
Source Quench
Which security management concept is used to accurately determine the cost of a particular implementation and pay for it over time?
Amortization
Scripts (such as CGI, ISAPI and Perl) should be placed:
on a separate partition
To secure an e-mail server, you can:
forbid relaying to unauthorized users
Which technique can help to protect an FTP server?
Use separate FTP user accounts from those used to access the Web
Serena has been working with her company's CGI developers. These developers are using Perl. What should she remind these developers to avoid in their scripts?
Passing commands to the command shell
Which type of ICMP message is first issued when you use the ping command?
Echo Request
Which of the following causes problems with firewalls?
Active FTP
Which ICMP message type is used to synchronize time between two hosts?
Timestamp Request and Reply
Which task should you perform first when considering where to place equipment?
Conduct a needs assessment audit
Which of the following guidelines should you consider when testing systems?
You must review server logs to check user compliance to the security policy
Brett is in charge of network security for a company with highly confidential and sensitive data. He wants to use a physical access control technique that will be the most reliable tool for controlling access to the network. Which of the following should he use?
Biometrics
Which of the following is true about network scanners?
Network scanners can become outdated very quickly
What two security concerns are associated with Hypertext Transfer Protocol (HTTP)?
The Web browser viewer applications that people use, and the CGI applications used by the HTTP server
The second step in implementing a security policy is to:
categorize resources and needs
Which two protocols can be found at the transport layer of the TCP/IP stack?
Transmission Control Protocol (TCP) and User Datagram Protocol (UDP)
Which component works with an operating system to increase its security ability?
Operating system add-on
When testing network systems:
use the tools that hackers use
Which of the following needs to be included in your network security policy?
Procedure for installing system updates
Which of the following can help reduce the likelihood of a successful dictionary attack?
A strong password policy
Which of the following techniques prevents the buildup of excessive static electricity or condensation that could damage networking equipment?
Humidity controls
Which type of attack exploits routed IP datagrams and is often found at the network layer?
Source routing
Which security management concept refers to planning the amount of bandwidth required to provide services for future customers?
Capacity forecasting