How well do you know IT Security? Take the Quiz.

Network World published this quiz to test your knowledge of IT security. Take the test to see how much of a security expert you really are. We’ll publish the answers in the next blog.

1. In IPSec, what kind of tunnel is first set up to initiate the VPN-creation process?

  • a. IKE
  • b. ISAKMP
  • c. Lincoln Tunnel
  • d. SSL

2. How can ports 80 and 443 be defended against Web-based threats?

  • a. Web application firewalls
  • b. Content filtering
  • c. White lists
  • d. Black lists
  • e. All of the above

3. Two-factor authentication can include something you have, something you know and…

  • a. Something you are
  • b. Something you make up
  • c. Something encrypted
  • d. Something unique

4. What do corporate security executives regard as the biggest threat to security?

  • a. Removable media such as thumb drives
  • b. Malicious insiders
  • c. Web 2.0 applications
  • d. Unpatched operating systems

5. The goal of network access control (NAC) is:

  • a. Remediating security shortcomings of machines before they connect to networks
  • b. Making sure devices adhere to access policies once admitted to networks
  • c. Linking machines with user identities to impose appropriate polices on them
  • d. All of the above

6. What means did attackers in China use to infiltrate Google’s network?

  • a. Social engineering using Facebook
  • b. Introducing malware via cross-site scripting of Web sites
  • c. Exploiting a flaw in Internet Explorer
  • d. Brute-force attack of Google executive’s passwords

7. Which botnet advance has made eradicating them more difficult?

  • a. Embedding command and control capabilities in zombie machines
  • b. Reinfection via social media sites
  • c. Sheer number overwhelms defensive measures
  • d. Use of rootkits to make bot software more difficult to dislodge

8. Which of the following is not an example of an application vulnerability?

  • a. Lack of sufficient logging
  • b. Fail-open error handling
  • c. Failure to properly close database connections
  • d. Running with least privilege

9. What is one downside of public key encryption?

  • a. It is less secure than using secret keys
  • b. It requires trusting party to verify public keys
  • c. It cannot ensure confidentiality
  • d. It cannot ensure authenticity

10. Which is not a Wi-Fi security option?

  • a. WEP
  • b. WPA
  • c. ICMP
  • 802.11i