Network World published this quiz to test your knowledge of IT security. Take the test to see how much of a security expert you really are. We’ll publish the answers in the next blog.
1. In IPSec, what kind of tunnel is first set up to initiate the VPN-creation process?
- a. IKE
- b. ISAKMP
- c. Lincoln Tunnel
- d. SSL
2. How can ports 80 and 443 be defended against Web-based threats?
- a. Web application firewalls
- b. Content filtering
- c. White lists
- d. Black lists
- e. All of the above
3. Two-factor authentication can include something you have, something you know and…
- a. Something you are
- b. Something you make up
- c. Something encrypted
- d. Something unique
4. What do corporate security executives regard as the biggest threat to security?
- a. Removable media such as thumb drives
- b. Malicious insiders
- c. Web 2.0 applications
- d. Unpatched operating systems
5. The goal of network access control (NAC) is:
- a. Remediating security shortcomings of machines before they connect to networks
- b. Making sure devices adhere to access policies once admitted to networks
- c. Linking machines with user identities to impose appropriate polices on them
- d. All of the above
6. What means did attackers in China use to infiltrate Google’s network?
- a. Social engineering using Facebook
- b. Introducing malware via cross-site scripting of Web sites
- c. Exploiting a flaw in Internet Explorer
- d. Brute-force attack of Google executive’s passwords
7. Which botnet advance has made eradicating them more difficult?
- a. Embedding command and control capabilities in zombie machines
- b. Reinfection via social media sites
- c. Sheer number overwhelms defensive measures
- d. Use of rootkits to make bot software more difficult to dislodge
8. Which of the following is not an example of an application vulnerability?
- a. Lack of sufficient logging
- b. Fail-open error handling
- c. Failure to properly close database connections
- d. Running with least privilege
9. What is one downside of public key encryption?
- a. It is less secure than using secret keys
- b. It requires trusting party to verify public keys
- c. It cannot ensure confidentiality
- d. It cannot ensure authenticity
10. Which is not a Wi-Fi security option?
- a. WEP
- b. WPA
- c. ICMP