98-367 Online Practice Questions and Answers

Correct Answer: D

Correct Answer: A

Phishing is the act of attempting to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication.

Correct Answer: D

Eavesdropping In general, the majority of network communications occur in an unsecured or "cleartext" format, which allows an attacker who has gained access to data paths in your network to "listen in" or interpret (read) the traffic. When an attacker is eavesdropping on your communications, it is referred to as sniffing or snooping. The ability of an eavesdropper to monitor the network is generally the biggest security problem that administrators face in an enterprise. Without strong encryption services that are based on cryptography, your data can be read by others as it traverses the network.

Correct Answer: C

SSID (service set identifier) is a function performed by an Access Point that transmits its name so that wireless stations searching for a network connection can 'discover' it. It's what allows your wireless adapter's client manager program or Windows built-in wireless software to give you a list of the Access Points in range.

Correct Answer: A

Address Resolution Protocol (ARP) spoofing, also known as ARP poisoning or ARP Poison Routing (APR), is a technique used to attack an Ethernet wired or wireless network. ARP spoofing may allow an attacker to sniff data frames on a local area network (LAN), modify the traffic, or stop the traffic altogether. The attack can only be used on networks that actually make use of ARP and not another method of address resolution. The principle of ARP spoofing is to send fake ARP messages to an Ethernet LAN. Generally, the aim is to associate the attacker's MAC address with the IP address of another node (such as the default gateway). Any traffic meant for that IP address would be mistakenly sent to the attacker instead. The attacker could then choose to forward the traffic to the actual default gateway (passive sniffing) or modify the data before forwarding it. ARP spoofing attacks can be run from a compromised host, or from an attacker's machine that is connected directly to the target Ethernet segment. Answer: C is incorrect. Mail bombing is an attack that is used to overwhelm mail servers and clients by sending a large number of unwanted e-mails. The aim of this type of attack is to completely fill the recipient's hard disk with immense, useless files, causing at best irritation, and at worst total computer failure. E-mail filtering and properly configuring email relay functionality on mail servers can be helpful for protection against this type of attack. Answer: B is incorrect. DNS poisoning is the process in which a DNS server may return an incorrect IP address, diverting traffic to another computer. Answer: D is incorrect. Keystroke logging is a method of logging and recording user keystrokes. It can be performed with software or hardware devices. Keystroke logging devices can record everything a person types using his keyboard, such as to measure employee's productivity on certain clerical tasks. These types of devices can also be used to get usernames, passwords, etc.

Correct Answer: A

Eavesdropping is the process of listening to private conversations. It also includes attackers listening the network traffic. For example, it can be done over telephone lines (wiretapping), email, instant messaging, and any other method of

communication considered private.

Answer: C is incorrect. Sanitization is the process of removing sensitive information from a document or other medium so that it may be distributed to a broader audience. When dealing with classified information, sanitization attempts to

reduce the document's classification level, possibly yielding an unclassified document. Originally, the term sanitization was applied to printed documents; it has since been extended to apply to computer media and the problem of data

remanence as well.

Answer: D is incorrect. Hacking is a process by which a person acquires illegal access to a computer or network through a security break or by implanting a virus on the computer or network.

Answer: B is incorrect. Subnetting is a process through which an IP address network is divided into smaller networks. It is a hierarchical partitioning of the network address space of an organization into several subnets. Subnetting creates

smaller broadcast domains. It helps in the better utilization of the bits in the Host ID.

Correct Answer: ABD

Answer: D, A, and B

The following practices should be followed to keep passwords secure: Never write down a password.

Change the passwords whenever there is suspicion that they may have been compromised. A password should be alpha-numeric. Never use the same password for more than one account. Never tell a password to anyone, including people

who claim to be from customer service or security.

Never communicate a password by telephone, e-mail, or instant messaging. Ensure that an operating system password and application passwords are different. Make passwords completely random but easy for you to remember.

Correct Answer: D

The Phishing filter of IE 7+ provides protection from online phishing attacks, frauds, and spoofed Web sites. The filter helps determine whether a Web site is a legitimate site or a phishing site. The filter blocks the Web sites and cautions the users about both reported and suspected phishing Web sites. Answer: B is incorrect. A Pop-up blocker allows users to block most pop-ups while surfing the Internet on their computers. The users can select the level of blocking; they can either block all pop- up windows or allow pop-ups that they want to see. Answer: A is incorrect. The protected mode feature of IE 7+ prevents a computer from saving the files or programs of a Web site. The protected mode makes it more difficult for malware to be installed. In case such a program is installed, it makes it difficult for the program to damage a user's file and the other operating system files. Protected mode is enabled by default for Internet, local intranet, and restricted sites. However, it is not enabled for the trusted sites. Answer: C is incorrect. IE 7+ provides a user the facility of configuring security through the security zones. It allows a user or systems administrator to categorize Web sites that a user visits into several groups with a suitable security level.

Correct Answer: C

Kerberos is defined as a secure method used for authenticating a request for a service in a computer network.

Answer: D is incorrect. The Lightweight Directory Access Protocol (LDAP) is defined as a directory service protocol that is used to provide a mechanism used to connect to, search, and modify Internet directories. Answer: A is incorrect. TCP/

IP protocol is used to define the rule computers are required to follow for communicating with each other over the internet.

Answer: B is incorrect. This is an invalid Answer: .

Correct Answer: D

In the above scenario, a potential risk is a viruses and malware attack because a VPN does not prevent potential viruses and malware attack on the home computer from being infecting the entire network. Mark can use the Direct Access that is a new feature with Windows 7 and Windows Server 2008 R2, to help in mitigating the potential risks. Answer: C is incorrect. Buffer overflow is a condition in which an application receives more data than it is configured to accept. It helps an attacker not only to execute a malicious code on the target system but also to install backdoors on the target system for further attacks. All buffer overflow attacks are due to only sloppy programming or poor memory management by the application developers. The main types of buffer overflows are: Stack overflow Format string overflow Heap overflow Integer overflow