Preview

IS3220 Final Exam

Satisfactory Essays
Open Document
Open Document
700 Words
Grammar
Grammar
Plagiarism
Plagiarism
Writing
Writing
Score
Score
IS3220 Final Exam
IS3220
Final Exam Review
1. What can you detect by analyzing a data packet? Policy violations and possible network vulnerabilities
2. NetWitness Investigator works how? Real Time
3. What is used by TCP to establish a session between two systems? Three way handshake
4. Which of the following protocols is a connection-oriented protocol that operates at the transport layer of the OSI model and supports reliable connections? TCP
5. Promiscuous mode is most commonly associated with_____________? NIC
6. What are the primary objectives of information security? CIA
7. Personnel should be authenticated and authorized prior to being granted access to company’s information resources. This statement is an example of ________________? Policy
8. What security group is responsible for managing network vulnerabilities and threats? IT Security Staff
9. What network component filters traffic between nodes? Firewall
10. What is the most important consideration when designing a network? Usage
11. What is usually the first activity in the hacking process? Reconnaissance
12. What type of attack might a hacker offer as a service? Spam
13. Which of the IT domains is most vulnerable to social engineering? User Domain
14. What type of attack can result in arbitrary code execution with system-level privileges? Buffer Overflow
15. Name three social engineering techniques? Phishing, Impersonation, Reciprocity, ALL OF THE ABOVE
16. Which domain marks the boundary where the private network meets the public network? LAN to WAN
17. A port scanner is a type of __________________ _________________scanner. Network Vulnerability
18. Which of the following is not covered by a data loss/data leak prevention tool? Paper documents
19. Which of the following is not a purpose of network analysis?
Detect security policy violations
20. Where do you capture network data to analyze inbound/outbound network traffic? Internal Firewall Interface
21. What can you accomplish by filtering network

You May Also Find These Documents Helpful

  • Satisfactory Essays

    Jennifer’s full time position as Sales would need Sales access for her primary position. She should only have By Position access to Accounts Payable when she is working that position. She would need Read Only for Shipping and Receiving in order provide customers with information on inventory availability. Neither of her positions should have required her to have full access to Shipping and Receiving.…

    • 252 Words
    • 2 Pages
    Satisfactory Essays
  • Good Essays

    Global Limited is a global provider of infrastructure information systems, whose services cater to a wide range of industry sectors. One of Global Limited’s business objectives is information security for their clients. In order to provide their clients with information security, Global Limited has utilized a risk management approach to protect their client’s information.…

    • 515 Words
    • 3 Pages
    Good Essays
  • Good Essays

    (167) Command issued to upgrade an old version of the Cisco IOS software by downloading a new image from the TFTP server…

    • 469 Words
    • 2 Pages
    Good Essays
  • Powerful Essays

    Security implementation responsibilities focus on implementing the access controls and account management processes outlined in this Plan. The following positions are responsible for security implementation:…

    • 1211 Words
    • 5 Pages
    Powerful Essays
  • Satisfactory Essays

    1. Describe the three modes of communication available on a network. (Minimum word count: 60)…

    • 494 Words
    • 2 Pages
    Satisfactory Essays
  • Powerful Essays

    IS3220

    • 1161 Words
    • 8 Pages

    4. Which of the following protocols is a connection-oriented protocol that operates at the transport layer of the OSI model and supports reliable connections?…

    • 1161 Words
    • 8 Pages
    Powerful Essays
  • Satisfactory Essays

    The data classification policy is intended to provide a framework for classifying a company’s data based on its level of sensitivity. Data classification entails analyzing the data an organization retains, determining its importance and value, and then assigning it to a category. Data is classified to help determine baselines for security controls in that will be implemented to protect the data.…

    • 288 Words
    • 2 Pages
    Satisfactory Essays
  • Satisfactory Essays

    26. Separation of duties, periodic vacation, and job rotation are the ways to reduce human risk factors within an organizational structure.…

    • 352 Words
    • 2 Pages
    Satisfactory Essays
  • Good Essays

    IS3445 Project Part 5

    • 343 Words
    • 2 Pages

    What exactly is SDLC? SDLC stands for Software Development Life Cycle. SDLC is a series of phases that provide model for the development and lifecycle management of an application and/or software. Within SDLC, security should also be considered. How is the application going to be secured? Are we using these phases to the best of our knowledge and incorporating as much security as possible? There are six phases within SDLC. They are Systems analysis, design, implementation, testing, acceptance and deployment, and maintenance. There are four ways to secure SDLC. They are Governance, Construction, Verification, and Deployment. Within each way to secure SDLC, Governance there is strategy and metrics, policy and compliance, education and guidance, threat assessment, security requirements, security architecture, design review, code review, security testing, vulnerability management, hardening environments, and operations.…

    • 343 Words
    • 2 Pages
    Good Essays
  • Powerful Essays

    Is3350 Unit 1 Assignment

    • 1635 Words
    • 7 Pages

    Students must sign here ………………………………………… to show that they have read and adhered to the University plagiarism regulations as stated in the student handbook.…

    • 1635 Words
    • 7 Pages
    Powerful Essays
  • Good Essays

    On 3 May 2006, a Department of Veterans Affairs (VA) laptop was stolen from a VA data analyst’s home in Montgomery County, Maryland. In addition to the laptop, a personal external hard drive was stolen. The external hard drive contained the personal data (names, social security numbers, dates of birth, disability ratings) for 26.5 million veterans and their spouses. It should be noted that the massive data theft was only one of many that had been discovered over the course of 1.5 years.…

    • 673 Words
    • 3 Pages
    Good Essays
  • Satisfactory Essays

    Is3110 Chapter 1

    • 789 Words
    • 4 Pages

    | 2. The determination of database requirements is part of a process known as systems development.…

    • 789 Words
    • 4 Pages
    Satisfactory Essays
  • Satisfactory Essays

    Netstat

    • 481 Words
    • 2 Pages

    1. The Netstat command indicates that POP3 is in use on a remote server. Which port is the remote server most likely using?…

    • 481 Words
    • 2 Pages
    Satisfactory Essays
  • Better Essays

    Osi vs Tcp/Ip

    • 1284 Words
    • 6 Pages

    Twiggs. W ( Dec 2000) Open System Interconnection – An Introduction to the OSI Model and Layered Communications.…

    • 1284 Words
    • 6 Pages
    Better Essays
  • Good Essays

    CIE 33 REVIEW QUESTION

    • 1108 Words
    • 4 Pages

    5. List the five layers of the TCP/IP protocol suite. How do the layers of the OSI model compare with the layers of the TCP/IP protocol suite?…

    • 1108 Words
    • 4 Pages
    Good Essays