1. Reflected and stored are types of XSS attacks.

1. True
2. False

2. An attack has occurred on your network. An attacker was able to traverse several files and folders, looking for sensitive data. What type of attack has occurred?

1. Unsecure direct object reference
2. XSS
3. CRFS
4. Injection flaw

3. AH is the protocol within IPSec used for encryption services.

1. True
2. False

4. As network administrator, you are concerned with the plaintext transmission of sensitive data on the network. Which of the following protocols are used to help secure communications? (Select three.)

A. IPSec

. HITP

1. SSL
2. IKE

5. To increase network security, you have decided to use HTTPS on your shopping cart site. Which of the following ports does HTTPS use? A. 80 B. 53 C. 443 D. 51

6.

_____and AH are used to secure IPSec

transmissions.

7. CSRF attacks exploit the trust a Web site has in a user's Web browser.

1. True
2. False

8. Kerberos is a(n)___

protocol.

9. To increase overall communication security, you decide to implement 3DES encryption. Which of the following statements is true of 3DES?

1. Its key length is 168 bits.
2. It cannot be used in a Windows-based environment.
3. It uses 128-bit encryption.
4. It has to be used with Kerberos.

10. You are concerned about a cross-site forgery attack. Which of the following can you do to help prevent such an attack?

1. Ensure antivirus protection is up to date.
2. Log off of Web sites when finished.
3. Use stronger passwords.
4. Encrypt stored passwords.

11. To establish IPSec encryption, two hosts must create a shared key with each other before SA negotiations can take place.

1. True
2. False