Nursing homework help

/in /by

Nursing homework help. All multiple choice questions have only one correct answer. You should provide a short explanation (100 words ) for each selected answer. Use quotation marks if not using your own words, and do not forget to cite full reference when necessary.

Other Guidelines:
· You should submit your exam to your assignment folder in LEO as an HTML, MS-Word or plain text.
· Repeat the text of the questions you have answered.
· Be the clearest and objective you can in all questions and be sure you are answering what is asked.
· Put your name in the exam.
PROBLEM 1 – IPSec and VPN (25 points)
(5 pts each)

  1. a)  An organization is planning to implement a VPN. They want to ensure that after a VPN client connects to the VPN server, all traffic from the VPN client is encrypted. Which of the following would BEST meet this goal?
    A) Split tunnel
    B) Full tunnel
    C) IPsec using Tunnel mode
    D) IPsec using Transport mode
  2. b) Which type of VPN would be best for connecting remote office networks to a central office to provide secure and encrypted network communications?
    A) Remote-access VPN.
    B) SSH – Secure Shell.
    C) Site-to-Site VPN.
    D) Extranet VPN.
  3. c) A system administrator is setting up a file transfer server. The goal is to encrypt the user authentication and the files the user is sending using only a user ID and a key pair. Which one of the following methods would best achieve this goal?
    A) TLS/SSL
    B) IPSec
    C) PGP (Pretty Good Privacy) encryption
    D) SSH – Secure Shell
  4. d) Which of the following describes the relationship between an extranet and a VPN?
    A) Some extranets are VPNs; some VPNs are extranets.
    B) Some extranets are VPNs; all VPNs are extranets.
    C) Extranets and VPNs are the same type of network.
    D) Extranets are unrelated to VPNs.
  5. e) A company has a large number of remote workers, including traveling salespeople. Which type of VPN would be best for connecting to the network in a secure manner?
    A) L2TP VPN.
    B) Site-to-Site VPN..
    C) IPSec VPN.
    D) Remote-access VPN.


PROBLEM 2 – Firewalls (25 points)
(5 pts each)

  1. a) A company would like to provide for its customers Internet access in their lounge area via an unsecured wireless network. However, customers should not have access to the internal network resources of the company. Which of the following firewall rules would BEST accomplish this?
    A) Block traffic from the wireless access point.
    B) Content filtering on the wireless access point.
    C) Packet filtering on the wireless access point.
    D) Allow traffic from the wireless access point.
  2. b) What is the major advantage of a dedicated firewall device when throughput and security are the main objectives?
    A) The management console is easily installed.
    B) The device contains proprietary operating systems.
    C) The connection to the device is monitored by security personnel.
    D) A thorough packet inspection capability.
    E) The hackers know most router-based firewall code.
  3. c) Which type of network security device was incapable of discriminating between packets originating on the internal network vs. the external network?
    A) Stateful Firewall.
    B) Packet Filter.
    C) Stateless Firewall.
    D) IDS – Intrusion Detection System.
    E) None of the above
  4. d) Which answer best describes a device that sits between your users and the internet and rewrites source ports and source IP Addresses and enhances your security posture?
    A) Network Address Translator.
    B) Web Proxy.
    C) Web Firewall.
    D) Host based firewall.
  5. e) In protecting your web server applications, which of the following vulnerabilities would a firewall NOT help with?
    A) XMAS Tree Scans
    B) Web Server Misconfiguration
    C) ICMP flood
    D) Half-Open scans


PROBLEM 3 – Wireless Network Security (25 points)
(5 pts each)

  1. a) What is the protocol developed for the wireless network communications?
    A) Wireless Encryption Protocol (WEP)
    B) Wireless Application Protocol (WAP)
    C) Wired Equivalent Privacy (WEP)
    D) Wireless Session Protocol (WSP)
  2. b) Which of the following vulnerabilities is unique to 802.11 wireless LANs?
    A) Forged deauthenticateframes
    B) RF jamming
    C) TCP SYN floods
    D) Data sniffing
  3. c) Your job is to configure a wireless network for a business. A core requirement is to ensure that the user credentials are encrypted when users enter their usernames and passwords. Which of the following should be used?
    A) WPA2-pre-shared key (PSK)
    B) WPA2 using CCMP
    C) WPS with EAP-FAST
    D) WPA2 with EAP-TTLS
  4. d) Your job is to implement a wireless network for your organization using WPA2 Enterprise. Which of the following choices is required?
    A) An authentication server with a digital certificate installed on the authentication server
    B) An authentication server with DHCP installed on the authentication server
    C) An authentication server with DNS installed on the authentication server
    D) An authentication server with WEP running on the access point
  5. e) A security administrator is testing the security of an AP that is using WPA2. After running an automated program for several hours she discovered the AP’s passphrase. Which of the following methods was she most likely using?
    A) IV attack
    B) Disassociation attack
    C) WPS attack
    D) Evil twin attack


PROBLEM 4 – Web and Transport Layer Security (25 points)
(5 pts each)

  1. a)  A file server is used to share files and folders among employees within an organization. However, employees should not be able to access all folders on this server. Which of the following methods is the best choice to manage security for these folders?
    A) Assign permissions to each user as needed.
    B) Wait for users to request permission and then assign the appropriate permissions.
    C) Use security groups with appropriate permissions.
    D) Delegate authority to assign these permissions.
  2. b) A central hospital suffered recently a serious attack. The attackers notified that they encrypted a significant amount of data on the hospital’s servers and it would remain encrypted until a substantial sum is paid. Which of the following identifies the most likely threat actor in this attack?
    A) Organized crime
    B) Ransomware
    C) Competitors
    D) Hacktivist
  3. c) The overall security for a database server has to be improved. Which of the following is a preventive control that will assist with this goal?
    A) Disabling unnecessary services
    B) Identifying the initial baseline configuration
    C) Monitoring logs for trends
    D) Implementing a backup and restoration plan
  4. d) A recent attack on your organization’s network resulted in the encryption of a significant amount of data. Later, an attacker demanded that your organization pay a large sum of money to decrypt the data. Security investigators later determined that this was the result of a new employee within your company clicking on a malicious link he received in an email. Which of the following best describes the vulnerability in this scenario?
    A) Ransomware
    B) Untrained user
    C) Resource exhaustion
    D) Insider threat
  5. e) A recent spear phishing attack that appeared to come from your organization’s CEO resulted in several employees revealing their passwords to attackers. Management wants to implement a security control to provide assurances to employees that email that appears to come from the CEO actually came from the CEO. Which of the following should be implemented?
    A) Digital signatures
    B) Spam filter
    C) Employees training
    D) Heuristic-based detection

TOTAL (1-4) 100 points

Nursing homework help