Quizz : Etes vous un bon RSSI débutant ?

Commentez les toutes dernières actualités informatiques
Scanner Windows pour détecter les erreurs de registre

Ce que nous vous conseillons :

1. Lisez les réponses ci-dessous où vous trouverez des conseils et de l'aide de la part des autres utilisateurs.

2. Avant de faire des modifications sur votre système ou d'installer des logiciels, nous vous recommandons
    fortement de cliquer ici pour scanner Windows afin de détecter les erreurs de registre.

Messagepar JoShuA » 05 Mai 2006, 13:11

Désolé pour la langue de Shakespeare :

1. What term is used to describe the inability of a sender to deny the sending of a message?

a. Integrity
b. Nonrepudiation
c. Labeling
d. Authenticity

2. Which of the following organizations is primarily concerned with military encryption systems?

a. NSA
d. ITU

3. Which of the following authorization methods requires the client to be preauthenticated?

a. Certificates
b. Tokens
c. Kerberos
d. PAP

4. Which working group is responsible for the development of the X.509 certificate standard?


5. Which protocol provides security for terminal sessions to a remotely located Unix system?

a. SSL
b. TLS
c. SSH
d. PKI

6. Which of the following terms is used to describe an opening left in a program or application by a developer?

a. Back door
b. Window
c. Open latch
d. Black hole

7. Which of the following is a remote administration tool used by hackers to take control of Windows-based systems?

a. Netstat
b. BGP
c. Iwconfig
d. Back Orifice

8. Which of the following keys are needed to make a key recovery process work? (choose all that apply)

a. Current key
b. Previous key
c. Archived key
d. Escrow key

9. Which of the following statements is true?

a. Key renewal is a good practice.
b. Key renewal is a bad practice.
c. Rollovers automatically renew a key.
d. The suspension process automatically renews a key.

10. What is the process of creating new keys to replace expired keys called?

a. Key renewal
b. Rollover
c. Archival
d. Revocation

11. PKCS uses which key pairs for encryption?

a. Symmetric
b. Public/Private
c. Asymmetric/Symmetric
d. Private/Private

12. Which port does the TACACS authentication service utilize by default?

a. 80
b. 49
c. 25
d. 22

13. Which port does the NetBIOS session service utilize by default?

a. 389
b. 143
c. 139
d. 110

14. Which file extension should NOT be allowed with an email attachment?

a. .doc
b. .scr
c. .txt
d. .xls

15. Which port does IPSec use for ESP?

a. 50
b. 51
c. 52
d. 53

16. Which password attack can be used to successfully break the password 7Tt%kJ51&?

a. Dictionary
b. Man-in-the-middle
c. Brute force
d. Birthday

17. Which type of RAID mirrors drives?

a. RAID 0
b. RAID 1
c. RAID 3
d. RAID 5

18. What is the minimum number of disks needed for most deployments of RAID 5?

a. 1
b. 2
c. 3
d. 4

19. What type of system(s) does PGP utilize?

a. Symmetrical
b. Asymmetrical
c. Both symmetrical and asymmetrical
d. Neither symmetrical nor asymmetrical

20. In order for Kerberos to function properly, what must be working correctly?

a. Clustering
b. ODI
c. Time synchronization
d. Pair management

21. What can be used to slow the flow of individuals into a building and funnel them past security?

a. Mantrap
b. Honey pot
c. IDS
d. OSI

22. What is the condition in which unsoldered chips slowly work their way loose and out of a socket over time known as?

a. Firmware scramble
b. Chip creep
c. Shirting
d. Displacement

23. What type of virus modifies and alters other programs and databases?

a. Phish
b. Phat
c. Phage
d. Phart

24. A user you do not know frantically emails you with an urgent message. According to the message, there is a new virus going around that is resetting the dates on all computers to 1969, and they are worried that this might happen to all the systems on your network. What should you first do?

a. Disconnect all users and run a full backup.
b. Email a dozen other administrators and let them know of the problem.
c. Disconnect the network until it is safe again.
d. Verify that this is not a hoax.

25. Which of the following is defined as any unwanted, unsolicited email?

a. Spoof
b. Spam
c. Hoax
d. Junk

26. What is the major difference between a revoked key and a suspended key?

a. There is no difference.
b. A suspended key can't be used again, but a revoked key can.
c. A revoked key can't be used again, but a suspended key can.
d. A key cannot be revoked, but can be suspended.

27. What type of policy is used to lay out guidelines and expectations for upgrades, monitoring, backups, and audits?

a. Administrative
b. Loquacious
c. Cryptographic
d. Associative

28. What would be the acceptable amount of downtime each year with a policy of 98 percent uptime?

a. 1 1/2 days
b. 3 1/4 days
c. 5 2/5 days
d. 7 1/3 days

29. Which of the following client IP addresses would indicate that NAT is likely used on the network?


30. Which type of firewalls are used to process requests from an outside network and make rules-based decisions about whether the request should be forwarded or refused?

a. Proxy
b. Deputy
c. Delegate
d. Representative

31. What are the three primary connectors used with coax?

a. Substitute
b. T-connector
c. Inline
d. Terminating

32. Which type of wireless communication allows a point-to-point connection to be made and requires a direct line of sight?

a. 802.11x
b. WEP
c. WAP
d. Infrared

33. Which model is similar in concept to the Bell La-Padula model, but is more concerned with information integrity?

a. Dome
b. Regulator
c. Biba
d. Grandfather

34. What type of device can authenticate a user based on a physical characteristic?

b. Biometric
d. ARO

35. Which type of attack focuses on finding similar keys in MD5?

a. Birthday
b. Propitious
c. Fateful
d. Centenary

36. Which of the following types of backup sites is not immediately ready to use when a disaster strikes?

a. Chain
b. Round
c. Warm
d. Cold

37. How is information about you (and your preferences) stored within a cookie?

a. Plain text
b. RSA encrypted
c. Hashed
d. MD5 encrypted

38. You have inherited a network utilizing a proxy server that is "dual-homed". What does this mean?

a. It utilizes caching to store the most commonly requested files and serve them to clients.
b. It has two NIC cards — one on the internal network and one on the outside network.
c. It operates as both a proxy server and a client machine for an individual user.
d. It has failover redundancy in case one NIC card or connection fails.

39. Which of the following is the process of luring someone into your plan or trap?

a. Decoy concealing
b. Alluring
c. Enticement
d. Entrapment

40. What is the term used to describe any type of passive attack that intercepts data in an unauthorized manner?

a. Prying
b. Overhearing
c. Snooping
d. Eavesdropping

41. Your intrusion detection software signals that an attack is underway. When you go to investigate, however, you find that the system is functioning exactly as it should and there is no attack. What is this known as?

a. Double negative
b. False positive
c. False alarm
d. Filter error

42. According to CERT, which type of group may be ad hoc, but truly should exist before an incidence occurs?

a. Escalation lineup
b. Working party
c. Recommendation panel
d. Response team

43. The time between when the CRL is issued and when it reaches users may be too long for some applications. What is this time gap referred to as?

a. Latency
b. Deferral
c. Adjournment
d. Lag

44. Which of the following terms is used in conjunction with integrity levels that allow information to flow downward but not upward?

a. Hierarchy
b. Lattice
c. Stepladder
d. Tree

45. Which of the following is the correct formula for computing Annual Loss Expectancy?

a. ALE = SLE / ARO
b. ALE = ARO / SLE
c. ALE = SLE x ARO
d. ALE = SLE + ARO

46. Which encryption protocol is replacing DES as the current standard?

a. AES
b. DSE

47. Which type of attack captures encryption keys by passively monitoring LAN communications and then uses the keys to impersonate authorized users and take over their sessions?

a. Hijacking
b. DoS
c. Multiheaded hydra
d. Kerberos

48. The International Organization for Standardization (ISO) publishes the "Code of Practice for Information Security Management". What is this known as?

a. ISO 23459
b. ISO 17799
c. ISO 443
d. ISO 110

49. What is the name given to software designed with a malicious intent?

a. Spyware
b. Malware
c. Orphanware
d. Harmware

50. Within IPSec, AH and ESP have two modes. What are they? (choose two)

a. Transport mode
b. Tunnel mode
c. Encrypt mode
d. Decrypt mode

Les réponses ici
Avatar de l’utilisateur
Messages: 7245
Inscrit le: 02 Jan 2002, 15:37
Localisation: IdF

Retour vers Les News de Forum-Windows

Qui est en ligne ?

Utilisateurs parcourant actuellement ce forum : Aucun utilisateur inscrit et 2 invités

  •  Liens commerciaux