Pay to write essay

Saturday, October 12, 2019

A destructive love Essay --

A destructive love Othello is such a character who is portrayed as a tragic hero through his high ranking in army, jealousy caused by racial inferiority, and credulousness for the villain Iago. In ShakespeareÃ¢â‚¬â„¢s play, The Moor of Venice, jealousy is the major component constructed though out the entire play and eventually leads to OthelloÃ¢â‚¬â„¢s downfall and ultimately destroys his marriage with Desdemona. The play is a story of a black hero in the white community at an era of alteration from racist past to a less biased future. During this social transform period, a black Moor is able to be promoted over other white men and therefore Othello is in a higher ranking than most of white people in Venetian society. However, during this period of alteration, many social disciplines and social understanding are arbitrary. On one side, the society promotes a certain degree of racial equality by having black Moor appointed as general. On other side, Othello is alienated in Venetian society because most Venetians see him as an outsider whom is protecting their country. Therefore, Othello only gains respect for his bravery in fighting the war and his reputation for being a skilled general in the army and nothing else like his lieutenant, Cassio is, who comes from an upper class and white race family and has strong social skill. Othello is clearly aware the fact that he is not being recognized as part of Venetian society, yet he cannot do anything to the existing class prejudices. But not only that he is fully aware of presented racial prejudices, this racism has somewhat made him feel racially inferior to other light skinned people around him. OthelloÃ¢â‚¬â„¢s racial inferiority is intensified when he is being compared to Cassio ... ...,Ã¢â‚¬ his jealousy of honor has blinded his mind and he wrestled with a rising feeling of impotence, self-pity and vengeance. Yet, this jealousy also blinds his mind when Desdemona tries to defend herself before Othello smothers her. Othello firmly believes his wife has cheated on him, and he confirms his deed by telling himself that he is defending his honor. Therefore, I believe that right before Othello kills Desdemona, he himself is too afraid that he is wrong about Desdemona because he firmly confirms himself the purpose of this monstrous murder with an apparently upright reason. However, his self-affirmation is crushed as Emilia reveals the truth about the handkerchief and the fact that Iago has plotted all these traces to mislead Othello. OthelloÃ¢â‚¬â„¢s loss of his one true love is like Ã¢â‚¬Å"the base Judean, threw a pearl away/ Richer than all his tribeÃ¢â‚¬ (5.2.352-353).

Friday, October 11, 2019

Response Paper to Buffalo Creek Flood and Buffalo Creek Revisited

Buffalo Creek Flood: An Act of Man and Buffalo Creek Revisited are both documentary films about the disaster that happened on February 26, 1972. PittstonÃ¢â‚¬â„¢s (the name of the coal company) dam broke and released 132 million gallons of waste water in Logan County, West Virginia USA. This paper would feature the authorÃ¢â‚¬â„¢s response towards the two documentary films inspired by the Buffalo Creek disaster. Response to the Films The title of the first documentary is a parody to the claim of the Pittston company that the disaster was an Ã¢â‚¬Å"Act of God,Ã¢â‚¬ claiming that God had simply put more rain water on the dam than it could hold.It is always disturbing to hear anyone blame God for the tragedies that happen in life. It is blasphemy to do such a thing. Instead of blaming God for their mistakes, they could have built a stronger dam, but they did not. As proof of the companyÃ¢â‚¬â„¢s deranged minds, they did not even warn the residents that the dam was on the brink of coll apse. The company even assured the residents that everything was okay, but once they assessed the condition of the dam, they were off in the other direction.These films show, although not in detail, the events that caused the disaster and the events after it through an interview of those involved. What is alarming in this film is how lightly the Pittston coal company took the matter lightlyÃ¢â‚¬â€in an interview. The company president was asked about the responsibility of the company; having pre-conceived the safest answer, he just said that they were still waiting for the results of the investigation when it was clear that they were at fault. Also, when asked about the proper spelling of his name, he laughed and commented that it was the hardest question he had to answer that day.The second film, Buffalo Creek Revisited, is about the condition of the residents after the disaster. Again, alarmingly, the company responsible had not made any significant moves to compensate for the lo sses the residents have had. References Buffalo Creek Flood: An Act of Man Transcript (n. d. ) Retrieved April 26, 2009, from http://appalshop. org/buffalo/media/BCF-transcript. pdf. Buffalo Creek Revisited Transcript. (n. d) Retrieved April 26, 2009, from http://appalshop. org/buffalo/media/BCR-transcript. pdf.

Thursday, October 10, 2019

Company overview

British petroleum (BP) is one of the largest energy companies dealing in fuel for transportation, energy for heat and light, retail services and petroleum products. The companyÃ¢â‚¬â„¢s international headquarters is in London. The company has operations in more than 100 countries and employs over 96,000 people. The company has products under the BP, Castrol, Arco, am/pm, and Wild Bean Cafe brand (BPplc, About Bp, 2009). The company operates under two major business segments; exploration and production, refining and marketing and BP alternative energy.The company basically finds, extract, move oil and gas. The company also makes fuels and products, sells fuels and products as well as generating low carbon energy in a responsible way. The company operates in six continents; South America, North America, Europe, Australasia, Asia and Africa (Vault. com, 2009). BP is also well known for its innovative technology which aims at providing energy to meet the customers demand through efficien t products. Investing in low carbon energy is also another option that the company is exploring (BPplc, About Bp, 2009). Strategic auditThe strategic audit of a corporation is an eight step process that generally encompasses a holistic analysis of the company. The basic aim in strategic audit is to establish the current position which will help the company chart the way forward. A strategic audit helps the company to formulate strategies and select the best strategic alternative(s) for implementation. The first step is the analysis of the current situation. This involves the audit of the current performance and strategic posture. Current performance is evaluated in terms of profitability, market share, and return on investment.Strategic posture looks at the mission, objectives, strategies and policies (BPplc, 2009 Strategy presentation, 2009). The second step is a look at the corporate governance. This means analysis of the board of directors and top management in terms of their str ucture, names and contribution to the company Scanning the external environment for opportunities and threats is the next step of a strategic audit. Under this stage, the company looks at the societal environment, task environment and finally listing all the above factors.The next step is the analysis of the internal environment i. e. strengths and weaknesses. Here, the corporate structure, culture, resources (marketing, finance, research and development, operations and logistics, human resource management and information systems) is looked into. A summary of these factors is then prepared (BPplc, 2009 Strategy presentation, 2009). After looking at the external and internal environments, the company then analyses its strengths, weaknesses, opportunities and threats (SWOT).These are then linked to the companyÃ¢â‚¬â„¢s mission and objectives to establish any relevance. The next step of the strategic audit is the analysis of the strategic alternatives in order to select the best strate gy (ies) to be recommended. The recommendation should be justified by looking at the potential, changes and impacts of the strategy. After making the recommendations, the next step is the implementation of the proposed strategy (ies). The implementation will include assigning duties on who is to develop these strategies. The financial aspect and operating procedures should be analyzed.The last step of the strategic audit is the evaluation and control. Evaluation and control involves a look at the current information system i. e. whether it can provide sufficient feedback and whether there are enough controls (BPplc, 2009 Strategy presentation, 2009). Strategic Alternatives In formulating the best strategic alternatives, the company has to consider the economic, socio-cultural, political-legal, technological and financial strengths and challenges facing the company. Economic environment This involves looking at the economic environment.The company operates in an industry that has oth er large companies e. g. Shell, Chevron, Exxon Mobil, Total and other smaller companies. All these companies have the resources and technical ability to compete at the same level as BP Plc. This is why the company has focused on cost reduction through measures like staff reduction and efficient production. The company has also focused on alternative energy e. g. solar and wind. This is as a result of the challenging operating environment where there has been a growing shift to green energy that has minimal pollution.In an industry faced with rising production costs, the company has been on track by focusing on means and ways of reducing their costs. The focus has been on reducing the number of staff and reducing the number of senior positions in the company by 20%. This strategy has borne fruit with the flattening of the cost curve of the company while those of the competitors keep on rising. The companyÃ¢â‚¬â„¢s focus on new technologies has resulted into improved production capaci ty. In fact the overall production trend for all the major companies has been declining. BP Plc.has defied this trend by increasing its production in the year 2007-2008. The technology used by the company includes Advanced Gas Injection and Water flood technologies that have enabled the company to push the limits of the reservoirs. The drop in oil prices means declining revenues. In order to increase revenues, the company has focused on reducing the performance gap by restoring revenues in areas like Toledo, improving supply optimization in petrochemical and marketing. The company area of focus for petrochemicals is Asia where there is rising demand. The company has also established value chains for its fuel production.Value chains are those activities that create value from the supply to the final delivery to the consumer. This has been achieved through integrated supply and trading which has lead to more revenues. In a bid to increase its oil reserves, the company has also partner ed with TNK of Russia. The partnership has resulted in 30% increase in production. Socio-cultural The company has tried to endear itself to the community in which it operates. BP achieves this through training and employing local staff at all levels. The aim here is to be a local company by creating partnerships with the local community.BP strategic aim is to reduce the levels of resistance to its operations by avoiding cultural conflicts as well as social effects. The company has entered into partnerships with the local community in terms of education, encouraging enterprise, fostering good governance, partnership in public health, access to energy, giving and volunteering, safeguarding human rights, as well as development through community case studies. All these activities are targeted at enhancing and fostering the relationship between the company and all the community in which it operates thus reducing conflicts between the community and the company.Political-legal Some of the challenges that the company could face are the political/ legal. This is because the company has operations in many countries that may be subject to political instability. To mitigate this, the company has formed partnerships with local companies and thus reduces resistance towards the company consequently the company is able to increase its operations and revenues. Rigid legal regimes concerning the operations of foreign companies may negatively impact the operations of the company. The company has reduced this by engaging in partnerships with local companies.Taxation and licensing may vary from country to country. This may have negative impacts on the companyÃ¢â‚¬â„¢s operations. Exploration and production rights may not be granted to the company. BP has overcome this challenge by partnering with the governments of respective countries through agreements. Technological In a bid to improve its operations and increase productivity, the company has adopted innovative technologies. So me of these technologies include the Bright water which uses new inter-well polymer treatment which ultimately improves water flood Recovery.The Company has focused on technology to come up with innovative approaches that can increase production as well as solve energy challenges Financial information BP plc has been able to grow its net income by 39% to $26. 2 billion which is the highest growth rate registered by major energy companies. Cash flow from operations also grew 54% to $ 38. 1 billion on a year on year percentage basis. The company was also the only super major to register growth in reported volumes in new reserves. The company registered a growth of 1% on year on year percentage basis. Apart from operations, the company utilizes debt to finance its activities.The debt is at the rate of 20-30%. All these financial data indicates that the company is focused on growth by efficiently using its cash resources to generate more sales and improve on the shareholders wealth by e ngaging in share buy backs. Recommended strategy Based on the analysis of all the above factors, some of the available strategies are; Ã¢â‚¬â€œ Cost reduction strategies Ã¢â‚¬â€œ Alternative energy by diversification Ã¢â‚¬â€œ Focus on growing markets growth Ã¢â‚¬â€œ Creating value on existing products Ã¢â‚¬â€œ Partnership to grow Ã¢â‚¬â€œ Technology leadership Ã¢â‚¬â€œ Continuous improvement These strategies can be broadly classified into two directional i.e. growth and retrenchment strategies. The company can utilize the growth strategies in its upstream segment (exploration and production) and retrenchment strategies on its down stream business (refining, convenience, refining) (Wheelen, 2006) Implementation of the strategy Strategy implementation involves all the activities and choices that are required for the execution of a strategy. The implementation process basically deciding who is to carry out the plan what must be done and how are the selected people selected to carry out the strategic plan going to do it (Wheelen, 2006).These strategies are normally executed by various heads of business segments subordinated by other employees within the business segments. This has been done through budget allocations, programs that indicate the time frame in which the various strategies need to be implemented and the use of procedures e. g. the Operating Management System that covers employee capabilities to risk assessment. Some of the programs used by the company are those of closing the performance gap which runs from 2008 to 2011, and the reduction of the number of employees in refining and marketing from mid 2007 to the end of 2009 by 3,500.After deciding on who and what must be done, the company must decide on how the strategy is going to be implemented. How a strategy is to be implemented might involve developing new organizational structure. For BP plc, to implement some of its strategies, the company has decided to eliminate certain senior and junior posi tions. Evaluation and control This is the process by which a company can monitor its corporate activities and performance results in order to compare the actual performance with the desired performance. Evaluation and control provides a feedback mechanism where corrective measures can be taken where necessary (Wheelen, 2006)Evaluation and control can be summarized into the following 5 steps Ã¢â‚¬â€œ Determine what to measure Ã¢â‚¬â€œ Establish standards of performance Ã¢â‚¬â€œ Measure actual performance Ã¢â‚¬â€œ Compare actual performance with the standards Ã¢â‚¬â€œ Take corrective action The company has set out plans to reduce costs and improve on efficiency on its operations. The company wants to grow its upstream business (exploration and production) while at the same time turning around its downstream business. Upstream business growth is measured by growth in reserves, increased replacement percentage, and getting more out of reservoirs.Downstream business is to be improved thr ough cost reduction by restructuring the companyÃ¢â‚¬â„¢s operations e. g. by downsizing and recapitalizations Improved bottom-line, high reserve replacement percentages, efficient operations, growth in reserves are some of the standards of performance that the company uses to gauge performance. Actual performance is measured at specified times e. g. for BP plc, restoring revenues from refining performance, improved supply optimization and margin capture in petrochemical and marketing has a time frame of 2008-2011The comparison of actual performance against standard performance has to be done in order to establish the current position for example in 2008; the production grew 1. 5% while the replacement reserve was 136% which was more than the minimum 100% replacement. If the actual performance does not match the expected results, then corrective action needs to be taken. An example is the restoration of capacities in Texas City so as to boost refining and consequently revenues. Refe rences BPplc. (2009, March 3rd). 2009 Strategy presentation. Retrieved April 15th, 2009, from Bp. com: http://www. bp.com/liveassets/bp_internet/globalbp/STAGING/global_assets/downloads/I/IC_bp_strategy_presentation_march_2009_script. pdf BPplc. (2009, March 3rd). About Bp. Retrieved April 15th, 2009, from Bp. com: http://www. bp. com/marketingsection. do? categoryId=2&contentId=7013628 Vault. com. (2009, April 14th). Indusrty Overview. Oil and Gas. Retrieved April 15th, 2009, from Vault. com: http://www. vault. com/nr/main_article_detail. jsp? article_id=22843159&cat_id=0&ht_type=7. Wheelen, J. D. (2006). Essentials of Strategic Mnagement. New Jersey: Prentice Hall. (BPplc, 2009 Strategy presentation, 2009)

Wednesday, October 9, 2019

Introduction of Information Security Systems Cis4385

1. Which if the following IPv6 address type is assigned to multiple interfaces but packets will only be delivered to one? a. Multicast b. Anycast c. Unicast d. Broadcast Grade:1 User Responses:b. Anycast Feedback:a. An anycast address is assigned to a group of interfaces on multiple nodes. Packets are delivered to the Ã¢â‚¬Å"firstÃ¢â‚¬ interface only. 2. Routers operate at which OSI layer? a. Physical b. Transport c. Network d. Session Grade:1 User Responses:c. Network Feedback:a. Routers operate at the network layer making routing decisions based on IP addresses. 3. Which of the following is NOT a private IPv4 address? Choose all that apply. a. 192. 168. 5. 60 b. 172. 25. 6. 4 c. 10. 0. 6. 5 d. 26. 68. 6. 1 Grade:1 User Responses:d. 26. 68. 6. 1 Feedback:a. The private IP address ranges are as follows. IP Class Assigned Range Class A 10. 0. 0. 0-10. 255. 255. 255 Class B 172. 16. 0. 0-172. 31. 255. 255 Class C 192. 168. 0. 0-192. 168. 255. 2554. What is a server that evaluates Internet requests from LAN devices against a set called? a. Proxy b. Firewall c. Load balancer d. NAT server Grade:1 User Responses:a. Proxy Feedback:a. A server that evaluates Internet requests from LAN devices against a set of rules is called a proxy server. NAT servers perform private to public address translation; load balancers manage traffic between cluster hosts; and a firewall filters traffic based on access control lists.5. Which type of device maintains awareness of the status of connections, thereby preventing IP spoofing attacks? a. Stateless packet filterin g firewall b. Stateful packet filtering firewall c. NAT filter d. Application-level gateway Grade:1 User Responses:b. Stateful packet filtering firewall Feedback:a. A stateful packet filtering firewall is one that monitors the state of each connection by examining the header of each packet. Read thisÃ‚ Chapter 2 Ã¢â‚¬â€œ Why Security is Needed A stateless packet filtering firewall does not do this. NAT filters perform only private-to-public address translation. An application-level gateway provides protection to a specific application such as FTP.6. Which of the following firewall services works at the session layer of the OSI model? a. Application layer gateway b. Stateful filtering c. NAT d. Circuit-level gateway Grade:0 User Responses:c. NAT Feedback:a. Circuit-level gateways work at the Session Layer of the OSI model and apply security mechanisms when a TCP or UDP connection is established; they act as a go between for the Transport and Application Layers in TCP/IP.After the connection has been made, packets can flow between the hosts without further checking. Circuit-level gateways hide information about the private network, but they do not filter individual packets.7. Which of the following are the two main functions of a proxy server? a. Caching of web pages b. NAT c. Domain authentication d. DHCP Grade:1 User Respo nses:a. Caching of web pages,c. Domain authentication Feedback:a. A proxy server secures a network by keeping machines behind it anonymous; it does this through the use of NAT. It also improves web performance by caching web pages from servers on the Internet for a set amount of time. b. A proxy server secures a network by keeping machines behind it anonymous; it does this through the use of NAT. It also improves web performance by caching web pages from servers on the Internet for a set amount of time.8. Which of the following devices can detect but not prevent attacks across the entire network? a. NIDS b. Host-based IDS c. NIPS d. Protocol Analyzer Grade:1 User Responses:a. NIDS Feedback:a. Network Intrusion Detection Systems (NIDS) detect but do not prevent attacks across the entire network. Host-based IDS can protect only the host on which it is installed. Network Intrusion Protection Systems (NIPS) can detect and prevent attacks across the entire network. A Protocol Analyzer ca n capture traffic but not act upon it.9. When a NIPs blocks legitimate traffic, what is it known as? a. False negative b. True negative c. False positive d. True positive Grade:1 User Responses:c. False positive Feedback:a. A blocking of traffic is a positive action, and when it is in response to legitimate traffic, it is considered a false action; thus it is a false positive. A false negative would be when an action is NOT taken on traffic that is not legitimate. The other two options are normal actions; a true negative is the allowing of legitimate traffic, whereas a true positive is the blocking of illegitimate traffic.10. Which of the following types of NIPS reacts to actions that deviate from a baseline? a. Signature-based b. Heuristic c. Anomaly-based d. Bit blocker Grade:1 User Responses:c. Anomaly-based Feedback:a. Anomaly-based NIPS recognizes traffic that is unusual and reports it. Signature-based NIPs are configured with the signatures of attacks. Heuristics looks for pat terns in the traffic, whereas bit blocker is a not a type of NIPs.11. Which of the following systems attempt to stop the leakage of confidential data, often concentrating on communications? a. DHCP b. DNS c. DLP d. STP Grade:1 User Responses:c. DLP Feedback:a. Data loss prevention (DLP) systems are designed to protect data by way of content inspection. They are meant to stop the leakage of confidential data, often concentrating on communications. As such, they are often also referred to as data leak prevention (DLP) devices, information leak prevention (ILP) devices, and extrusion prevention systems.Regardless, they are intended to be used to keep data from leaking past a computer system or network and into unwanted hands.12. When a company buys fire insurance they are ____________ risk. a. accepting b. avoiding c. transferring d. reducing Grade:1 User Responses:c. transferring Feedback:a. It is possible to transfer some risk to a third-party. An example of risk transference (also k nown as risk sharing) would be an organization that purchases insurance for a group of servers in a datacenter.The organization still takes on the risk of losing data in the case of server failure, theft, and disaster, but transfers the risk of losing the money those servers are worth in the case they are lost.13. Which of the following processes block external files that use JavaScript or images from loading into the browser? a. URL filtering b. Content filtering c. Malware inspection d. Blacklists Grade:1 User Responses:b. Content filtering Feedback:a. Content filtering is a process that blocks external files that use JavaScript or images from loading into the browser. URL filtering blocks pages based on the URL.Malware inspection looks for malware based on a signature file, and blacklists are items to be denied by spam filters.14. Which of the following actions should NOT be taken for the default account on a network device? a. Delete it. b. Change the password. c. Disable it. d. Leave it as is. Grade:1 User Responses:d. Leave it as is. Feedback:a. The default account has a well-known username and password, so it should be either deleted or disabled, or at a minimum its password should be changed.15. Firewall rules are typically based in all but which of the following? a. IP addresses b. MAC addresses c. Port numbers . Content type Grade:1 User Responses:d. Content type Feedback:a. Firewall rules are typically based on IP addresses, MAC addresses, or port numbers, but they cannot filter for content.16. Which of the following is the target of a double tagging attack? a. VPNs b. VLANs c. Collision domains d. DMZs Grade:1 User Responses:b. VLANs Feedback:a. A double tagging attack can enable the attacker to view traffic from multiple VLANs.17. A network created to allow access to resources from the Internet, while maintaining separation from the internal network is called a ______? a. VPN b. VLAN c. Honeypot d. DMZ Grade:1User Responses:d. DMZ Feedback:a. When talking about computer security, a Demilitarized Zone (DMZ) is a special area of the network (sometimes referred to as a subnetwork) that houses servers which host information accessed by clients or other networks on the Internet, but which does not allow access to the internal network.18. How can access to the remote management of a router be protected? a. Content filtering b. ACLs c. Firewalls d. IPS Grade:0 User Responses:c. Firewalls Feedback:a. Remote access to a router is usually done via Telnet or SSH. The port used (vty line) can be secured using an access control list. The other options can all be used to help protect routers but not access the remote management function.19. You need to allow access from your network to all web sites. What port numbers should be opened in the firewall? Choose all that apply. a. 25 b. 443 c. 80 d. 119 e. 22 f. 23 Grade:1 User Responses:c. 80 Feedback:a. HTTP and HTTPS are the two services you need to allow access to use ports 80 and 443 res pectively.20. Which of the following mitigation techniques can prevent MAC flooding? a. Secure VLANs b. Prevent ICMP responses c. 802. 1x d. 802. 1q Grade:1 User Responses:c. 802. 1x Feedback:a.MAC flooding, which involves overwhelming the memory of the switch with MAC frames sourced from different MAC addresses, can be prevented by requiring authentication on each port through 802. 1x. Secure VLANs cannot prevent this because the frames donÃ¢â‚¬â„¢t need to enter a VLAN to cause the problem. ICMP is at Layer 3, these frames are at Layer 2, and 802. 1q is a VLAN tagging protocol that does not prevent frames from entering the switch through access ports.21. Which of the following attacks cannot be mitigated with a flood guard? a. Smurf attack b. Fraggle c. Teardrop attack d. Session theft Grade:1 User Responses:d.Session theft Feedback:a. The smurf, fraggle, and teardrop attacks all involve sending a flood of packets to a device, using different types of malformed packets. A session theft attack is when a session cookie is stolen and used to authenticate to a server.22. Loop protection is designed to address problems that occur with which device? a. Switch b. Hub c. Router d. Firewall Grade:0 User Responses:b. Hub Feedback:a. Loops occur when switches have redundant connections causing a loop. Loop guard (or loop protection) can prevent loops on the switch.23. When creating an ACL which of the following statements is NOT true? a.The order of the rules is important for proper functioning b. You must include a deny all statement at the end of the rule set for proper functioning c. The more specific rules should be placed at the beginning of the rule list d. Once created, the ACL must be applied to an interface Grade:1 User Responses:b. You must include a deny all statement at the end of the rule set for proper functioning Feedback:a. There is an implied deny all statement at the end of each ACL and it is not required to include one.24. Which of the following is a n example of insecure network bridging in a LAN? a. Laptop connected to a hotspot and an ad hoc network . Laptop connected to a wireless network and the wired LAN at the same time c. Router connected to two subnets d. PC connected with two NIC to the same LAN Grade:1 User Responses:b. Laptop connected to a wireless network and the wired LAN at the same time Feedback:a. When a laptop connects to a wireless network and the wired LAN at the same time, it can create a bridge between the two allowing access to the LAN. The other scenarios do not create a security problem for the LAN.25. When the administrator creates a rule on the firewall to prevent FTP traffic, this is a type of __________rule. . implicit deny b. implicit allow c. explicit deny d. explicit allow Grade:1 User Responses:c. explicit deny Feedback:a. When traffic is specified to be prevented, it is an explicit deny. When it is denied simply because it was not specifically allowed, that is an implicit deny.26. Network Acces s Control (NAC) is an example of_______________. a. role-based management b. rules-based management c. port-based access d. application layer filtering Grade:1 User Responses:b. rules-based management Feedback:a. Network Access Control (NAC) uses rules by which connections to a network are governed.Computers attempting to connect to a network are denied access unless they comply with rules including levels of antivirus protection, system updates, and so onÃ¢â‚¬â€effectively weeding out those who would perpetuate malicious attacks.27. What type of device is required for communication between VLANs? a. Hub b. Switch c. Router d. Firewall Grade:1 User Responses:c. Router Feedback:a. Hosts in different VLANs are also in different subnets and routing must be performed for them to communicate.28. Which of the following would be least likely to be placed in the DMZ? a. Web server b. DNS server c. Domain controller d. FTP serverGrade:1 User Responses:c. Domain controller Feedback:a. All th e options except a domain controller are often placed in the DMZ so they are accessible to the outside world. A DC however is sensitive and should NOT be placed in the DMZ.29. Subnetting a network creates segmentation at which layer of the OSI model? a. Layer 1 b. Layer 2 c. Layer 3 d. Layer 4 Grade:1 User Responses:c. Layer 3 Feedback:a. Subnetting a network creates segmentation using IP addresses, which is Layer 3.30. What service is required to represent multiple private IP addresses with a single public IP address? a. NAT b. DHCP c. DNS d. DLP Grade:0User Responses:a. NAT Feedback:a. Network Address Translation (NAT) is required to represent multiple private IP addresses with a single public IP address. The specific form of NAT required to represent multiple private IP addresses with a single public IP address is called Port Address Translation (PAT).31. Which of the following is NOT a remote access protocol? a. MS-CHAP b. CHAP c. LDAP d. PAP Grade:1 User Responses:c. LDAP Feedb ack:a. Lightweight Directory Access Protocol is used for accessing directory services such as Active Directory. It is not used in remote access. All other options are remote access protocols.32. Which of the following devices are susceptible to war dialing? a. Modems b. Firewalls c. Content filters d. Load balancers Grade:0 User Responses:a. Modems Feedback:a. Any devices that accept phone calls such as modems or PBX systems with remote phone access are susceptible to war dialing.33. When computers are not allowed to connect to the network without proper security patches and virus updates, the network is using a form of _____________. a. PAT b. DAC c. NAC d. DMZ Grade:0 User Responses:d. DMZ Feedback:a. Network Access Control (NAC) uses rules by which connections to a network are governed.Computers attempting to connect to a network are denied access unless they comply with rules including levels of antivirus protection, system updates, and so onÃ¢â‚¬â€effectively weeding out those who would perpetuate malicious attacks.34. Which of the following items do not need to be changed on a new router to ensure secure router management? a. IP address b. Administrator name c. Administrator password d. IOS version Grade:1 User Responses:d. IOS version Feedback:a. All the options except the IOS version can be set to defaults from the factory and should be changed because they are well known.35. Which of the following is NOT an example of cloud computing? a. SaaS b. IaaS c. PaaS d. BaaS Grade:1 User Responses:d. BaaS Feedback:a. Software as a Service (SaaS), Infrastructure as a Service (IaaS), and Platform as a Service (PaaS) are all forms of cloud computing.36. On which concept is cloud computing based? a. load balancing b. virtualization c. RAID d. DLP Grade:1 User Responses:b. virtualization Feedback:a. All forms of cloud computing use virtualization.37. A three legged perimeter is a form of ______________. a. VPN b. DMZ c. NAT d. ACL Grade:1 User Responses:b. DMZ Fee dback:a. A three-legged perimeter is a firewall or server with three NICs: one pointed to the LAN, one to the Internet, and one to the DMZ.38. Which of the following is NOT a benefit provided by subnetting? a. It increases security by compartmentalizing the network. b. It is a more efficient use of IP address space. c. It reduces broadcast traffic and collisions. d. It eases administration of the network. Grade:1 User Responses:d. It eases administration of the network. Feedback:a. Subnetting provides a number of benefits but easing administration is not one of them.39. Which of the following is the result of implementing VLANs? . Larger broadcast domains b. Smaller collision domains c. Smaller broadcast domains d. Larger collision domains Grade:1 User Responses:c. Smaller broadcast domains Feedback:a. VLANs break up the network into subnets and as such result in smaller broadcast domains.40. Which of the following services helps conserve public IP addresses? a. NAT b. DHCP c. DNS d . SLIP Grade:0 User Responses:c. DNS Feedback:a. By allowing the use of private IP addresses inside each network and by representing those groups of private IP addresses with a single public IP address, public IP addresses are conserved by NAT.41. Which of the following remote access protocols are used with VPNs? Choose all that apply. a. PPTP b. PPP c. L2TP d. SLIP Grade:1 User Responses:c. L2TP,d. SLIP Feedback:a. Point-to-Point Tunneling Protocol (PPTP) and Layer Two Tunneling protocol (L2TP) are used with VPNs. PPP and SLIP are used for dial-up. /b. Point-to-Point Tunneling Protocol (PPTP) and Layer Two Tunneling protocol (L2TP) are used with VPNs. PPP and SLIP are used for dial-up.42. Which of the following security protocols operates at the network layer of the OSI model? a. IPSec b. SSH c. SSL d. TLS Grade:1 User Responses:a. IPSec Feedback:a.One of the key features of IPSec is its operation at the network layer enabling it to protect any type of communication operating at th e upper layers of the OSI model.43. Which of the following are components of SNMP? Choose all that apply. a. NMS b. IPSec c. Agent d. CARP Grade:1 User Responses:b. IPSec,c. Agent Feedback:a. The three components of SNMP are a network management system (NMS), agent software, and the managed device, where the agent software operates. /b. The three components of SNMP are a network management system (NMS), agent software, and the managed device, where the agent software operates.44. SSL is designed as a secure replacement for which of the following? a. PPP b. Telnet c. TLS d. SSH Grade:0 User Responses:d. SSH Feedback:a. SSL is designed as a secure replacement for Telnet, which transmits in clear text.45. Which of the following protocols supersedes SSL? a. SSH b. TLS c. S/MIME d. EAP Grade:0 User Responses:a. SSH Feedback:a. TLS 1. 2, the latest version, is used when establishing an HTTPS connection and supersedes SSLv3.46. The operation of which of the following protocols makes the SY N flood attack possible? a. IPX/SPX b. AppleTalk c. TCP/IP d. RIP Grade:1 User Responses:c. TCP/IP Feedback:a.TCP/IP uses a three-way handshake for its connection, and the SYN flood attack attempts to take advantage of the operation of this connection operation.47. Which of the following provides secure web access? a. SFTP b. HTTP c. HTTPS d. SSH Grade:1 User Responses:c. HTTPS Feedback:a. HTTPS uses port 443 and is the standard for secure web access.48. SCP is a secure copy protocol that uses the port of which other protocol for transfers? a. HTTPS b. SSH c. SSL d. FTPS Grade:0 User Responses:d. FTPS Feedback:a. Secure copy (SCP) is another example of a protocol that uses another protocol (and its corresponding port). It uses SSH and ultimately uses port 22 to transfer data.49. Which of the following protocols is abused when a ping flood occurs? a. SNMP b. IGMP c. ICMP d. EIGRP Grade:0 User Responses:a. SNMP Feedback:a. Ping floods use ICMP echo request packets aimed at the target. 50. Which of the following security mechanisms are built into IPv6? a. IPSec b. SSL c. HTTPS d. EAP Grade:1 User Responses:a. IPSec Feedback:a. IPv6 has IPSec support built in.51. What method is used by SSL to obtain and validate certificates? a. SPI b. PKI c. TLS d. EAP Grade:1 User Responses:b. PKI Feedback:a.SSL and TLS use a public Key Infrastructure (PKI) to obtain and validate certificates.52. What port number does FTPS use to protect the transmission? a. 21 b. 88 c. 443 d. 445 Grade:0 User Responses:a. 21 Feedback:a. FTPS uses SSL or TLS over port 443 to make a secure connection.53. Which of the following protocols uses port 22, normally used by SSH, to make a secure connection? a. FTPS b. SCP c. SFTP d. SSL Grade:0 User Responses:b. SCP Feedback:a. Secure FTP (SFTP) uses port 22, the port for SSH, which is why it is also sometimes called SSH FTP.54. Which protocol uses ports 161 and 162? a. SMTP b. IMAP4 . SNMP d. IGMP Grade:0 User Responses:a. SMTP Feedback:a. SNMP is used to collect information about and make changes to devices on the network. It uses ports 161 and 162.55. Which protocol uses the same port as HTTPS? a. SCP b. FTPS c. SFTP d. IMAP4 Grade:0 User Responses:c. SFTP Feedback:a. FTP secure (FTPS) uses port 443, which is also used by HTTPS.56. Which protocol uses port 69? a. SCP b. FTPS c. TFTP d. IMAP4 Grade:1 User Responses:c. TFTP Feedback:a. TFTP uses port 69.57. What port number is used by Telnet? a. 80 b. 443 c. 21 d. 23 Grade:1 User Responses:d. 23 Feedback:a. Port 23 is used by Telnet.58. Which port does HTTP use? a. 80 b. 443 c. 21 d. 23 Grade:0 User Responses:b. 443 Feedback:a. HTTP uses port 80.59. Which port does SCP use to transfer data? a. 80 b. 22 c. 21 d. 23 Grade:0 User Responses:c. 21 Feedback:a. SCP uses SSH and thus port 22 to transfer data.60. Which protocol uses port 443? a. HTTPS b. FTPS c. TFTP d. IMAP4 Grade:1 User Responses:a. HTTPS Feedback:a. HTTPS uses port 443.61. Which two protocols use port 22? a. HTTPS b. FT PS c. SSH d. SCP Grade:2 User Responses:c. SSH,d. SCP Feedback:a. SCP uses SSH and thus port 22 to transfer data, so both protocols use this port. b. SCP uses SSH and thus port 22 to transfer data, so both protocols use this port.62. Which ports does the NetBIOS protocol uses? Choose all that apply. a. 138 b. 139 c. 137 d. 140 Grade:3 User Responses:a. 138,b. 139,c. 137 Feedback:a. The NetBIOS protocol uses ports 137 through 139. /b. The NetBIOS protocol uses ports 137 through 139. /c. The NetBIOS protocol uses ports 137 through 139.63. What protocol uses port 53? a. HTTPS b. FTPS c. SSH d. DNS Grade:0 User Responses:b. FTPS Feedback:a. DNS uses port 53.64. Which port number does RDP use? a. 3389 b. 1723 c. 1701 d. 140 Grade:1 User Responses:a. 3389 Feedback:a. Port 3389 is used for Remote Desktop (RDP).65. What protocol uses port 25? a. HTTPS b. SMTP c. SSH d. DNS Grade:1 User Responses:b. SMTP Feedback:a. SMTP uses port 25.66. Which of the following statements is true regarding WP A and WPA2? (Choose all that apply. ) a. WPA uses 256-bit encryption. b. WPA2 uses 128-bit encryption. c. WPA uses TKIP. d. WPA2 uses AES. Grade:2 User Responses:c. WPA uses TKIP. ,d. WPA2 uses AES. Feedback:a. WPA uses TKIP 128-bit encryption, whereas WPA2 uses 256-bit AES. /b. WPA uses TKIP 128-bit encryption, whereas WPA2 uses 256-bit AES.67. Which statement is NOT true with regard to WPA2? a. Uses AES encryption b. Meets requirements of 802. 11i c. Uses TKIP encryption d. Uses 256 bit encryption Grade:1 User Responses:c. Uses TKIP encryption Feedback:a. WPA uses TKIP but WPA2 uses AES.68. Which of the following is the security provided in the original 802. 11 standard? a. WPA b. WPA2 c. WEP d. CCMP Grade:1 User Responses:c. WEP Feedback:a. Wired Equivalent Privacy (WEP) is the security provided in the original 802. 11 standard.69. What is the authentication system that calls for a supplicant, authenticator, and authentication server called? . EAP b. WPA c. WPA2 d. WEP Grade:1 Us er Responses:a. EAP Feedback:a. Extensible Authentication Protocol (EAP) is an authentication system that calls for a supplicant, authenticator, and authentication server.70. Which of the following implementations of EAP requires certificates on the client and the server? a. EAP-FAST b. EAP-TTLS c. PEAP d. EAP-TLS Grade:1 User Responses:d. EAP-TLS Feedback:a. EAP-TLS requires certificates on the client and the server.71. Which of the following versions of EAP is Cisco proprietary? a. LEAP b. EAP-TTLS c. PEAP d. EAP-TLS Grade:1 User Responses:a. LEAP Feedback:a. Lightweight EAP is a version that works only on Cisco devices unless the device is from a partner that participates in the Cisco Compatible Extensions program.72. Why are MAC filters not effective in preventing access to the WLAN? a. The MAC addresses of allowed devices are contained in the beacon frames sent by the AP. b. The MAC addresses of allowed devices are contained in any frames sent by the allowed device. c. The admi nistrative effort to maintain the MAC list is prohibitive. d. If the user changes his MAC address, the filter will disallow entry. Grade:1 User Responses:b.The MAC addresses of allowed devices are contained in any frames sent by the allowed device. Feedback:a. The MAC addresses of allowed devices are contained in any frames sent by the allowed device and can be seen by those using wireless protocol analyzers. The MAC address can then be spoofed for entry.73. Which of the following frame types contain the SSID? (Choose all that apply. ) a. Beacon frames b. Data frames c. Association frames d. Authentication frames Grade:3 User Responses:b. Data frames,c. Association frames,d. Authentication frames Feedback:a. The SSID is contained in all frames.If the SSID is hidden, it is removed only from the beacon frames. /b. The SSID is contained in all frames. If the SSID is hidden, it is removed only from the beacon frames. /c. The SSID is contained in all frames. If the SSID is hidden, it is removed only from the beacon frames.74. TKIP was designed to correct the shortcomings of which of the following? a. EAP b. WPA c. WEP d. WPA2 Grade:1 User Responses:c. WEP Feedback:a. TKIP was designed to correct the shortcomings of WEP. It was a temporary solution for use until the 802. 1x standard was completed.75. Which of the following encryption protocols is used with WPA2? . TKIP b. CCMP c. WEP d. DES Grade:1 User Responses:b. CCMP Feedback:a. Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP) is the encryption protocol used with WPA2. It addresses the vulnerabilities of TKIP and meets requirements of IEEE 802. 11i.76. Which antenna types would be best for shaping the signal away from the front of the building for security purposes while still providing coverage in the other part of the building? (Choose all that apply. ) a. Yagi b. Omni c. Parabolic dish d. Semidirectional Grade:2 User Responses:a. Yagi,d. Semidirectional Feedback:a.You can us e a yagi antenna, which is a type of semidirectional antenna, to shape the coverage area as called for in the scenario. /b. You can use a yagi antenna, which is a type of semidirectional antenna, to shape the coverage area as called for in the scenario.77. How can you keep the existing radiation pattern of the antenna while reducing the coverage area? a. Increase the power of the transmitter. b. Decrease the power of the transmitter. c. Change the polarity of the antenna. d. Remove one of the attenuators from the line. Grade:1 User Responses:b. Decrease the power of the transmitter.Feedback:a. Reducing the power level maintains the radiation pattern while making the area of radiation smaller.78. What organization created WPA? a. FCC b. Wi-Fi Alliance c. IEEE d. ISO Grade:1 User Responses:b. Wi-Fi Alliance Feedback:a. The Wi-Fi Alliance created WPA to address the weaknesses of WEP.79. To which standard is WPA2 designed to adhere? a. 802. 16 b. 802. 11f c. 802. 11i d. 802. 11e Grade:1 User Responses:c. 802. 11i Feedback:a. WPA2 is designed to adhere to the 802. 11i security standard.80. Which of the following is the weakest form of security? a. TKIP b. WPA c. WEP d. EAP Grade:1User Responses:c. WEP Feedback:a. WEP is the weakest form of security. It has been cracked and is not suitable for Enterprise WLANs.81. A ______________ attack intercepts all data between a client and a server. a. DDoS b. Man-in-the-middle c. Replay d. Smurf Grade:1 User Responses:b. Man-in-the-middle Feedback:a. Man-in-the-middle is a type of active interception. If successful, all communications now go through the MITM attacking computer.82. When a group of compromised systems attack a single target it is a called a _______________ attack. a. DDoS b. Man-in-the middle c. Replay d. Smurf Grade:1User Responses:a. DDoS Feedback:a. A distributed denial-of-service attack occurs when a group of compromised systems launches a DDoS attack on a single target.83. When valid data transmissions are maliciously or fraudulently repeated, it is called a _______________ attack. a. DDoS b. man-in-the middle c. replay d. smurf Grade:1 User Responses:c. replay Feedback:a. When valid data transmissions are maliciously or fraudulently repeated, it is a called a replay attack.84. What attack sends large amounts of ICMP echoes, broadcasting the ICMP echo requests to every computer on its network or subnetwork? a.DDoS b. Man-in-the middle c. Replay d. Smurf Grade:1 User Responses:d. Smurf Feedback:a. A smurf attack sends large amounts of ICMP echoes, broadcasting the ICMP echo requests to every computer on its network or subnetwork. The ICMP request is sent to a broadcast address. When all hosts receive the ICMP broadcast request, these host send ICMP replies to the source address, which has been set to the address of the target.85. Changing your MAC address to that of another host is called ___________________. a. spear phishing b. spoofing c. pharming d. vishing Grade:1 User Responses:b . spoofing Feedback:a.Spoofing is when an attacker tails the IP or MAC address of another computer.86. Which of the following is more an aggravation than an attack? a. Spear phishing b. Spoofing c. Spam d. Vishing Grade:1 User Responses:c. Spam Feedback:a. Spam or unwanted email is more an aggravation than an attack.87. Which of the following uses instant messaging as its vehicle? a. Spim b. Spoofing c. Phishing d. Vishing Grade:1 User Responses:a. Spim Feedback:a. Spam Over Instant Messaging (SPIM) uses IM to deliver the spam.88. When VoIP phone calls are used in the pursuit of social engineering, it is called__________. a. spim b. poofing c. phishing d. vishing Grade:1 User Responses:d. vishing Feedback:a. Vishing is phishing performed with VoIP calls, which are harder to trace than regular calls.89. What type of attack is an advanced scan that tries to get around firewalls and look for open ports? a. DDoS b. Man-in-the-middle c. Xmas attack d. Smurf Grade:1 User Responses:c. Xmas attack Feedback:a. Usually using Nmap, the Xmas attack is an advanced scan that tries to get around firewalls and look for open ports.90. __________________ is when an attacker redirects one websiteÃ¢â‚¬â„¢s traffic to another bogus and possibly malicious website. a.DDoS b. Pharming c. Xmas attack d. Smurf Grade:1 User Responses:b. Pharming Feedback:a. Host files and vulnerable DNS software can also be victims of pharming attacks. Pharming is when an attacker redirects one websiteÃ¢â‚¬â„¢s traffic to another bogus and possibly malicious website. Pharming can be prevented by carefully monitoring DNS configurations and host files.91. ___________ is when a person that is not normally authorized to a server manages to get administrative permissions to resources. a. Whaling b. Pharming c. Spear phishing d. Privilege escalation Grade:1 User Responses:d. Privilege escalation Feedback:a.Privilege escalation is when a person that is not normally authorized to a server manages to get adminis trative permissions to resources.92. Which problem is the most difficult to contend with? a. Malicious insider threat b. Fraggle attack c. Distributed denial-of-service d. Whaling Grade:1 User Responses:a. Malicious insider threat Feedback:a. Because the attacker already is inside the network with company knowledge, a malicious insider threat is the most difficult to contend with.93. What type of attack can DNS poisoning lead to? a. Whaling b. Pharming c. Spear phishing d. Privilege escalation Grade:0User Responses:c. Spear phishing Feedback:a. Pharming attacks lead users from a legitimate website to a malicious twin. The easiest way to do this is to poison the DNS cache so that the DNS server sends them to the malicious site.94. Strong input validation can help prevent ____________________. a. bluesnarfing b. SQL injection c. session highjacking d. header manipulation Grade:0 User Responses:c. session highjacking Feedback:a. SQL injection attacks user input in web forms that is not correctly filtered. This can be prevented with input validations.95. LDAP injection is an attack on __________________servers. . SQL b. directory c. web d. email Grade:1 User Responses:b. directory Feedback:a. Lightweight Directory Access Protocol is a protocol used to maintain a directory of information such as user accounts or other types of objects.96. XML injection can be prevented with __________________. a. IDS b. IPS c. input validation d. complex passwords Grade:0 User Responses:d. complex passwords Feedback:a. The best way to protect against this (and all code injection techniques for that matter) is to incorporate strong input validation.97. The .. / attack is also known as ________________. a. irectory traversal b. SQL injection c. session highjacking d. header manipulation Grade:1 User Responses:a. directory traversal Feedback:a. Directory traversal, or the .. / (dot dot slash) attack is a method to access unauthorized parent (or worse, root) directories.98. ___________ __ is when commands and command syntax are entered into an application or OS. a. Directory traversal b. Command injection c. Command highjacking d. Code manipulation Grade:1 User Responses:b. Command injection Feedback:a. Command injection is when commands and command syntax are entered into an application or OS.99. Buffer overflows operate against the _________ of the computer. a. NIC b. disk c. CPU d. memory Grade:1 User Responses:d. memory Feedback:a. A buffer overflow is when a process stores data outside of the memory that the developer intended.100. What is the difference between an XSS and XSRF attack? a. The XSS attack exploits the trust a userÃ¢â‚¬â„¢s browser has in a website, whereas the XSFR attack exploits the trust that a website has in a userÃ¢â‚¬â„¢s browser. b. The XSFR attack exploits the trust a userÃ¢â‚¬â„¢s browser has in a website, whereas the XSS attack exploits the trust that a website has in a userÃ¢â‚¬â„¢s browser. . The XSS attack creates a buffer overflow on the website, whereas the XSFR attack creates a buffer overflow on the client. d. The XSS attack creates a buffer overflow on the client, whereas the XSFR attack creates a buffer overflow on the website. Grade:1 User Responses:a. The XSS attack exploits the trust a userÃ¢â‚¬â„¢s browser has in a website, whereas the XSFR attack exploits the trust that a website has in a userÃ¢â‚¬â„¢s browser. Feedback:a. The XSS attack exploits the trust a userÃ¢â‚¬â„¢s browser has in a website. The converse of this: the XSRF attack exploits the trust that a website has in a userÃ¢â‚¬â„¢s browser. In this attack (also known as a one-click attack), the userÃ¢â‚¬â„¢s browser is compromised and transmits unauthorized commands to the website.101. _______________ are placed by programmers, knowingly or inadvertently, to bypass normal authentication and other security mechanisms in place. a. Landing spots b. Backdoors c. Hotspots d. Code heels Grade:1 User Responses:b. Backdoors Feedback:a. Backdoors a re placed by programmers, knowingly or inadvertently, to bypass normal authentication and other security mechanisms in place.102. An XSS attack is also called a(n) __________________ attack. a. Zero day b. Command injection . Xmas d. Cross site scripting Grade:1 User Responses:d. Cross site scripting Feedback:a. XSS attacks, also called cross site scripting attacks, exploit the trust a userÃ¢â‚¬â„¢s browser has in a website through code injection, often in webforms.103. ______________can be used by spyware and can track people without their permission. a. MAC addresses b. Cookies c. IP addresses d. Attachments Grade:1 User Responses:b. Cookies Feedback:a. Cookies are text files placed on the client computer that store information about it, which could include your computerÃ¢â‚¬â„¢s browsing habits and possibly user credentials.104. Which of the following attachments is the riskiest to open? a.. exe b.. pdf c.. doc d.. txt Grade:1 User Responses:a.. exe Feedback:a. A . exe or executa ble file is one that contains a program that will do something, perhaps malicious to the computer.105. Stolen cookies can be used to launch a(n) ____________________. a. XSS attack b. SQL injection c. session highjack d. header manipulation Grade:1 User Responses:c. session highjack Feedback:a. Session cookies authenticate you to a server and can be used to highjack your session.106. Header manipulation alters information in ______________ headers. a. LDAP b. file c. HTTP . SQL Grade:1 User Responses:c. HTTP Feedback:a. Header manipulation alters information in HTTP headers and falsifies access.107. An ActiveX control is an example of a(n) _________________. a. cookie b. add-on c. cipher d. virus Grade:1 User Responses:b. add-on Feedback:a. You can enable and disable add-on programs such as ActiveX controls in the Programs tab by clicking the Manage add-ons button in Internet Explorer.108. When an attack targets an operating system vulnerability that is still unknown to the world in general, it is called a __________. a. P2P attack b. zero day attack c. whaling attack d. DDoS attack Grade:1User Responses:b. zero day attack Feedback:a. A zero day attack targets an operating system vulnerability that is still unknown to the world in general.109. __________________is a concept that refers to the monitoring of data in use, data in motion, and data at rest. a. DLP b. DHCP c. DEP d. DMS Grade:1 User Responses:a. DLP Feedback:a. Data Loss Prevention (DLP) is a concept that refers to the monitoring of data in use, data in motion, and data at rest. It does this through content inspection and is designed to prevent unauthorized use of data as well as prevent the leakage of data outside the computer (or network) that it resides.110. Which form of DLP is typically installed in data centers or server rooms? a. Endpoint DLP b. Network DLP c. Storage DLP d. Comprehensive DLP Grade:1 User Responses:c. Storage DLP Feedback:a. Storage DLP systems are typically installed in data centers or server rooms as software that inspect data at rest.111. Which of the following is an example of drive encryption? a. AppLocker b. BitLocker c. Windows defender d. Trusted Platform Module Grade:1 User Responses:b. BitLocker Feedback:a. To encrypt an entire hard disk, you need some kind of full disk encryption software.Several are currently available on the market; one developed by Microsoft is called BitLocker.112. The beauty of hardware-based encryption devices such as HSM (and TPM) is that it is ____________ than software encryption. a. more difficult to crack b. easier to use than software encryption c. faster than software encryption d. can be used to calculate data other than encryption keys Grade:1 User Responses:c. faster than software encryption Feedback:a. Hardware security modules (HSMs) are physical devices that act as secure cryptoprocessors.This means that they are used for encryption during secure login/authentication processes, during digital signings of da ta, and for payment security systems. The beauty of hardware-based encryption devices such as HSM (and TPM) is that it is faster than software encryption.113. A _________________ is a chip residing on the motherboard that actually stores the encrypted keys. a. DLP b. DHCP c. DEP d. TPM Grade:1 User Responses:d. TPM Feedback:a. A Trusted Platform Module (TPM) chip is one residing on the motherboard that actually stores the encrypted keys.114. Which of the following is NOT required to encrypt the entire disk in Windows?Choose all that apply. a. TPM chip or USB key b. A hard drive with two volumes c. HSM Module d. Cryptoprocessor Grade:2 User Responses:c. HSM Module,d. Cryptoprocessor Feedback:a. Hardware security modules (HSMs) are physical devices that act as secure cryptoprocessors; however, they are NOT a part of encrypting the entire disk in Windows. /b. Hardware security modules (HSMs) are physical devices that act as secure cryptoprocessors; however, they are NOT a part of encry pting the entire disk in Windows.115. Probably the most important security concern with cloud computing is _______________. . less secure connections b. loss of physical control of data c. weak authentication d. bug exploitation Grade:1 User Responses:b. loss of physical control of data Feedback:a. Probably the most important security control concern is the physical control of data that is lost when an organization makes use of cloud computing.116. Which of the following is NOT a solution to security issues surrounding cloud computing? a. Complex passwords b. Strong authentication methods c. Standardization of programming d. Multiple firewalls Grade:1 User Responses:d. Multiple firewalls Feedback:a. Solutions to these security issues include complex passwords, strong authentication methods, encryption, and standardization of programming.117. Which form of DLP is typically installed on individual computers? a. Endpoint DLP b. Network DLP c. Storage DLP d. Comprehensive DLP Grade:1 Us er Responses:a. Endpoint DLP Feedback:a. Endpoint DLP systems run on an individual computer and are usually software-based. They monitor data in use such as email communications and can control what information flows between various users.118. Where could you disable the use of removable media on a computer? a. Device manager . BIOS c. Control panel d. Programs and features Grade:1 User Responses:b. BIOS Feedback:a. BIOS settings can be used to reduce the risk of infiltration including disabling removable media including the floppy drives and eSATA and USB ports.119. What are two shortcomings of using BitLocker drive encryption? a. Weak encryption b. Expensive c. Performance suffers d. Shorter drive life Grade:2 User Responses:c. Performance suffers,d. Shorter drive life Feedback:a. A drive encrypted with BitLocker usually suffers in performance compared to a nonencrypted drive and could have a shorter shelf life as well. /b. A drive encrypted with BitLocker usually suffers in perfo rmance compared to a nonencrypted drive and could have a shorter shelf life as well.120. Which form of DLP is typically installed on the perimeter of the network? a. Endpoint DLP b. Network DLP c. Storage DLP d. Comprehensive DLP Grade:1 User Responses:b. Network DLP Feedback:a. Network DLP systems can be software or hardware solutions that are often installed on the perimeter of the network. They inspect data that is in motion.121. Software as a service (SaaS) is a type of _____________ computing. a. HSM b. cloud c. role-based d. TPM Grade:1 User Responses:b. cloudFeedback:a. Software as a Service (SaaS) is the most commonly used and recognized example of cloud computing. SaaS is when users access applications over the Internet that are provided by a third party.122. Which form of DLP inspects ONLY data in motion? a. Endpoint DLP b. Network DLP c. Storage DLP d. Comprehensive DLP Grade:1 User Responses:b. Network DLP Feedback:a. Network DLP systems can be software or hardware solut ions that are often installed on the perimeter of the network. They inspect data that is in motion.123. Which of the following is NOT an example of cloud services? a. SaaS b. IaaS c. PaaS d. BaaS Grade:1User Responses:d. BaaS Feedback:a. Examples of cloud services include Software as a Service (SaaS), Infrastructure as a Service (IaaS), and Platform as a Service (PaaS).124. When an electronic control suffers an error, reports the error, and shuts down, it is called_____________. a. Failopen b. Failsafe c. Failclose d. Failshut Grade:1 User Responses:b. Failsafe Feedback:a. When the control fails and shuts down, it is a failsafe. When it fails and leaves a vulnerable system, it is a failopen.125. What should be the first thing you check when an intrusion has been detected? a. Firewall logs b. Server logs c. Workstation logs d.Security patches Grade:1 User Responses:a. Firewall logs Feedback:a. Logging is also important when it comes to a firewall. Firewall logs should be the first th ing you check when an intrusion has been detected. You should know how to access the logs and how to read them.126. Which log on a Windows server is where you could learn if Joe logged in today? a. Applications b. System c. Security d. DNS Grade:1 User Responses:c. Security Feedback:a. The security log contains entries about logins and access to resources both successful and unsuccessful.127. Which of the following is NOT an example of physical security? a. Mantraps b.Security logs c. Video surveillance d. Hardware locks Grade:1 User Responses:b. Security logs Feedback:a. Security logs track activities on the network which is logical not physical security.128. Which of the following is NOT a type of door lock? a. Cipher b. Keyed c. Cardkey d. Mantrap Grade:1 User Responses:d. Mantrap Feedback:a. A mantrap is a two door system designed to prevent tailgating.129. Which of the following is NOT an example of operating system hardening? a. Disabling unnecessary services b. Removing the N IC c. Protecting management interfaces d. Password protection Grade:1 User Responses:b. Removing the NIC Feedback:a.Hardening the system should not reduce its functionality, and removing the NIC would do that.130. Which of the following standards is often referred to as port-based security? a. 802. 1x b. 802. 11 c. 802. 11n d. 802. 1 Grade:1 User Responses:a. 802. 1x Feedback:a. 802. 1x enforces perimeter security by keeping the port of the station closed until authentication is complete.131. In which type of monitoring is network traffic analyzed for predetermined attack patterns? a. Signature-based monitoring b. Anomaly-based monitoring c. Behavior-based monitoring d. Reactive-based monitoring Grade:1 User Responses:a. Signature-based monitoringFeedback:a. Network traffic is analyzed for predetermined attack patterns. These attack patterns are known as signatures.132. A(n) __________________ uses baseline reporting and other analyses to discover vulnerabilities and weaknesses in s ystems. a. NAT b. SPA c. SLA d. PSK Grade:1 User Responses:b. SPA Feedback:a. The security posture can be defined as the risk level to which a system, or other technology element, is exposed. Security Posture Assessments (SPA) use baseline reporting and other analyses to discover vulnerabilities and weaknesses in systems.133. Which of the following indicate a problem currently occurring? . Trends b. Baselines c. Alarms d. Averts Grade:1 User Responses:c. Alarms Feedback:a. Although alerts indicate an issue that MAY need attention, alarms indicate a problem currently occurring.134. Which of the following are detection controls? (Choose all that apply. ) a. IDS b. IPS c. Video cameras d. Security guard Grade:2 User Responses:a. IDS,c. Video cameras Feedback:a. Detection controls, such as Intrusion Detection systems and video cameras record only activity; they do not prevent it. /b. Detection controls, such as Intrusion Detection systems and video cameras record only activity; they do not prevent it.135. Which of the following is designed to prevent tailgating? a. Mantraps b. Security logs c. Video surveillance d. Hardware locks Grade:1 User Responses:a. Mantraps Feedback:a. Mantraps use double doors to prevent tailgating.136. Which of the following is a proximity reader? a. a security card that transmits the location of the holder b. a device that tracks how close an individual is c. a security card reader that can read the card from a distance d. a card reader that locks the door when the holder is a certain distance from the door Grade:1 User Responses:c. security card reader that can read the card from a distance Feedback:a. These cards use radio waves to transmit to the reader.137. By frequently updating systems and by employing other methods such as group policies and baselining, you _____________ the systems. a. brace b. harden c. virtualize d. hardline Grade:1 User Responses:b. harden Feedback:a. By frequently updating systems and by employing other metho ds such as group policies and baselining, you harden the system.138. Installing service packs is a part of the ___________ process. a. baselining b. hardening c. scaling . security templating Grade:1 User Responses:b. hardening Feedback:a. Hardening the OS is accomplished through the use of service packs, patch management, hotfixes, group policies, security templates, and configuration baselines.139. ______________ can be described as unauthorized WAPs that inadvertently enable access to secure networks. a. Rogue access points b. Evil twin c. War driver d. Phisher Grade:1 User Responses:a. Rogue access points Feedback:a. Rogue access points can be described as unauthorized wireless access points/routers that enable access to secure networks.They differ from an Evil twin in that an Evil twin is strategically placed for the purpose of accessing the network or performing a high jacking attack, whereas rogue access points generally may be placed by employees for their convenience.140. W hich wireless attacks include the introduction of radio interference? a. Rogue Access Point b. Evil twin c. War driver d. Bluesnarfing Grade:1 User Responses:b. Evil twin Feedback:a. The evil twin attack includes jamming the network to cause the stations to associate with the evil twin AP.141. When executing the Evil twin attack, what value must match on the Evil twin and the legitimate AP? . IP address b. SSID c. MAC address d. Admin password Grade:1 User Responses:b. SSID Feedback:a. The Evil twin attack includes jamming the network to cause the stations to associate with the Evil twin AP. The stations will not roam to the Evil twin unless the SSID is the same as the legitimate AP.142. ________________ is when a person attempts to access a wireless network, usually while driving in a vehicle. a. War chalking b. Radiophishing c. War driving d. Bluesnarfing Grade:1 User Responses:c. War driving Feedback:a. War driving is when a person attempts to access a wireless

(Business information system) You are required to conduct a detailed Research Paper

(Business information system) You are required to conduct a detailed on an organization's information system, analyze - Research Paper Example These included Europe, comprising all existing controlled business located in Europe, in addition to Turkey, Hungary, and Czech Republic. The company heavily relies on IT and it has incorporated IT in its Market structure as a tool for successful implementation of it programs. This paper discusses and describes the Vodafone Group business organization structure with a focus on the role of IT in its business organization structure. Historical Background of Vodafone Group Vodafone Company started as a joint venture between Hambros Technology Trust Millicom and the subsidiary of Racal Electronics PLCÃ¢â‚¬â„¢s strategic Radio Ltd in 1982 with its name being derived from a companyÃ¢â‚¬â„¢s goal of establishing data services and voice services over mobile telephone networks. Hence, its network was called Racal Vodafone (Saylor 56). The company was renamed Racal Telecom in 1988. In 1991, Racal Telecom became demerged from the Racal Electronics there is when the mobile telephony giant came i nto existence. In 1996, the company bought people phone and acquired 80% of the Astec Communication, a move that so it increase its shares of the UK mobile customers (Read 46). In 2000, the Group reverted its former name Vodafone Group PLC selling most of the manufacturing related operations. It made the first 3G Voice Call in 2001 on the UkÃ¢â‚¬â„¢s Vodafone 3G network. The company signed a partner agreement with the Mobikom Australia, and became introduced in the Icelandic market. In 2004, it went into an agreement with LuxembourgÃ¢â‚¬â„¢s LuxGSM. The Group increased its participation in the Connex of Romania and purchased Czech mobile operator. The period between 2004 to date has seen the company expand through entering into partnership with various communication companies worldwide (Read 57). On the overall from 1980 to 1991, the company bore the name Racal Telecom Brand. Its name was change to Vodafone Group retaining this name from 1991 to 2000. Since 2000 till now, the compan y has retained the name Vodafone Group PLC (Thomson 43). Business Organization Structure of the Vodafone Group Since it was founded under the auspice of Vodafone Group plc, the Vodafone Company has realized drastic transformations. It has changed its brand from the Racal Telecom Brand to the Vodafone Group and finally the Vodafone Group PLC, alongside its organization structure. As of 9th December 2010, the company has retained a business organization that is all inclusive and diverse. This section describes the GroupÃ¢â‚¬â„¢s Organization structure as of 9th December 2010 to date. In regard to its operating companies, the Group has two operating regions reflecting the different geographies or different nature of assets, as well as to reflect the differences in development of the sector considering various economies. These included Europe, comprising all existing controlled business located in Europe, in addition to Turkey, Hungary, and Czech Republic. The CEO (Michel Combel) is in charge of Europe region. For other regions, including businesses located in the Middle East, Africa and Asia, Fiji, Australia plus New Zealand, Nick Read is at the top as the Regional CEO. The Vodafone Group has other senior officials including the Group CFO, CEO and Strategy and Business Development Director. These officials are charged with the responsibility of effecting strategies for maximization of the shareholder value

Monday, October 7, 2019

534 chapter 6,7 Essay Example | Topics and Well Written Essays - 500 words

534 chapter 6,7 - Essay Example Digital technology is vital in class because it makes learning in class quite simple and fast. Three web resources that are essential in learning include amazon, Google scholar and online tutorials. Amazon is a vital web resource because students can use it to buy books that they may need to get more info about a particular topic in class. Google scholar is a globally recognized company that ensures that students can access scholarly articles online. With Google scholar, students can do research about a certain topic or search for information that can enable them do research on a particular subject. There are also a number of online tutorials for learning how to use a particular software, how to design websites, and educational toys. These online tutorials offer the students access to information that can enable them learn new things such as designing websites, using software and acquiring new skills. Social networking issues are important in class because they help students and teachers connect with each other. When students and teachers are able to connect with one another, it means that they can communicate effectively and students will be able to tell their teachers whether or not they understand a point in class. Social-ethical issues in class include effective communication, reading, discussion and writing about the subject in class. The social-ethical issues are important because they ensure that the students clearly understand what the teacher is teaching. Distance learning is recommended for elementary, middle and secondary level because it cuts off the monotony of learning in class. Some students in such levels maybe busy working or doing other causes. Distance learning becomes effective for such students because they no longer have to move to a particular location to attend the classes. Technology has also enabled the ease of distance learning because people can

Sunday, October 6, 2019

LITERATURE REVIEW Essay Example | Topics and Well Written Essays - 1500 words - 2

LITERATURE REVIEW - Essay Example Ã¢â‚¬ In the same context, the paper therefore seeks to establish the different ethical issues that may affect the running of a multinational company. This is important because the success of human resource management of any company is highly dependent on ethical issues put in place by the entire management board. According to Trevino and Nelson (2012, p.215), ethical issues regardless of the cultural situation are defined by primary and secondary stakeholders. The paper will therefore bring into view the different ethical issues as indicated by the AbrahamÃ¢â‚¬â„¢s Stakeholder model and try to figure out the strength of these ethical issues as would determine the success of human resource management and progressive development in a company operating multi-nationally. Stakeholders That Determine Company Ethics Business partners Partnership in a business can be a much polarised issue when unethical business actions are put in place by one organization. According to Pige (2002, p.4), a business will run effectively if the business partners perceive it as being beneficial to them. In this case, they are bound to support each other in their various capacities and the various business entities. For instance, if Western Airlines is a company that benefits the economy of a non-western nation like China, the business partners in China will support its operations there. However, if there is suspicion of market dominance by the Chinese partners, there is bound to be creation of unethical business acts to scare away the market from the Western Airlines. This creates a very complicated system in the management of the foreign company as unethical acts may require a lot of public relations to regain the diminishing glory (Phillips, 2011, p. 81). In this case, the issue of Ã¢â‚¬Å"who or what countsÃ¢â‚¬ come in and there is a high level misunderstanding. However, if these two companies have a sound business partnership, there will be a high level ethical business partners hip and ability to create good public relations to each other (Kardys, 2012, p. 2). Customers These are the modest reasons for the existence of any company. From a background perspective, Regelbrugge (1998, p.3) indicates that any business must do all it takes to create a high level market for its products. This is in line with expansion of the customers and rendering their needs to their satisfaction. Any unethical act that hurts the customers goes a long way in alienating a company from a market. Multinational companies in the same way face a very tricky situation in trying to maintain the same in the wake of the unethical issue. A recent article by Soni (2009, p.4) maintained the same idea by insisting that if company staffs mishandle a customer, it may go a long way in becoming unethical in the entire customer society. The business will therefore lose a high level customer base to its competitors who are always at standby to initiate these into their company products. Employees Ethics inside an organization has not been a recent issue. As indicated earlier, the motivation to work effectively is levelled towards the beneficial factors that can be realised at the end of the whole process. Employees always have competing goals. According to MaslowÃ¢â‚¬â„¢s hierarchy of needs, there is always a need to be happy and the need for satisfaction comes in. The management levels in all organizations however are never the same. Some are horizontal while