IT Security Management Exam Preparation Guide
Course Introduction
IT Security Management explores the principles, strategies, and practical techniques required to secure organizational information assets in todays dynamic digital environment. The course covers risk assessment, security policies, access control, threat analysis, incident response, regulatory compliance, and disaster recovery planning. Students learn to design, implement, and maintain security infrastructures, emphasizing managerial decision-making and best practices in protecting data and information systems from evolving cyber threats. Through case studies and hands-on exercises, participants develop the competencies necessary to manage and mitigate IT security risks within various organizational contexts.
Recommended Textbook
CWSP Guide to Wireless Security 1st Edition by Mark Ciampa
Available Study Resources on Quizplus
12 Chapters
504 Verified Questions
504 Flashcards
Source URL: https://quizplus.com/study-set/1118 Page 2
Chapter 1: Foundations of Wireless Security
Available Study Resources on Quizplus for this Chatper
41 Verified Questions
41 Flashcards
Source URL: https://quizplus.com/quiz/21967
Sample Questions
Q1) A(n) ____________________ site has all the equipment needed for an organization to continue running, including office space and furniture, telephone jacks, computer equipment, and a live telecommunications link.
Answer: hot
Q2) Briefly explain how wireless technology benefits the health care industry.
Answer: Wireless LAN point-of-care computer systems allow medical staff to access and update patient records immediately. Many hospitals use laptop computers on mobile carts with barcode scanners and a wireless network interface card connection. Health care professionals can document a patient's medication administration immediately in the computer as they move from room to room without connecting and disconnecting cables.Nurses first identify themselves to the computer system by scanning their own personal bar-coded ID badge or wireless tag. The patient's bar-coded armband is then scanned and all medications that are currently due for that particular patient are brought up on the screen. The medications to be administered are sealed in a pouch with a wireless tag or bar-coded bottles. Nurses scan this barcode or tag before opening the package. An alert immediately appears on the screen if the wrong medication or incorrect amount is identified.
To view all questions and flashcards with answers, click on the resource link above. Page 3
Chapter 2: Wireless LAN Vulnerabilities
Available Study Resources on Quizplus for this Chatper
41 Verified Questions
41 Flashcards
Source URL: https://quizplus.com/quiz/21968
Sample Questions
Q1) In WEP, RC4 uses a(n) ____________________ to create the keystream.
Answer: pseudo random number generator (PRNG)
pseudo random number generator PRNG
Q2) At regular intervals (normally every 100 ms) an AP sends a(n) ____ to announce its presence and to provide the necessary information for other devices that want to join the network.
A) association request frame
B) CRC
C) ICV
D) beacon frame
Answer: D
Q3) When WEP is used for shared key authentication it is serving a dual function of encryption and authentication.
A)True
B)False
Answer: True
Q4) A wireless device is set to look for beacon frames from the AP. This is known as ____________________.
Answer: scanning
Page 4
To view all questions and flashcards with answers, click on the resource link above.
Chapter 3: Passive Wireless Discovery
Available Study Resources on Quizplus for this Chatper
41 Verified Questions
41 Flashcards
Source URL: https://quizplus.com/quiz/21969
Sample Questions
Q1) At regular intervals (normally every 100 ms) the wireless access point sends a beacon frame to announce its presence and to provide the necessary information for devices that want to join the network. This process is known as ____.
A) phishing
B) beaconing
C) pharming
D) mapping
Answer: B
Q2) A(n) ____ PC is small enough to be held in a single hand yet has many of the features of a laptop computer.
A) PCMCIA
B) Tablet
C) handheld
D) slate
Answer: C
Q3) Passive wireless discovery through wardriving is in itself an illegal activity.
A)True
B)False
Answer: False
To view all questions and flashcards with answers, click on the resource link above.
Page 5
Chapter 4: Active Wireless Attacks
Available Study Resources on Quizplus for this Chatper
41 Verified Questions
41 Flashcards
Source URL: https://quizplus.com/quiz/21970
Sample Questions
Q1) Logic bombs are easy to detect before they are triggered.
A)True
B)False
Q2) A ____ attack is designed to prevent a device from performing its intended function.
A) denial-of-service (DoS)
B) rogue AP
C) phishing
D) pharming
Q3) One of the spyware tools often used is ____.
A) DoS
B) spam
C) adware
D) rogue APs
Q4) Briefly explain the password paradox.
Q5) Once an attacker's wireless device has entered the network and focused its attacks at other similar devices this is known as a(n) ____________________.
Q6) What are the minimum criteria for creating good passwords?
Q7) What are the problems with using default passwords?
Q8) What are some of the characteristics of weak passwords?
To view all questions and flashcards with answers, click on the resource link above. Page 6
Chapter 5: Wireless Security Models
Available Study Resources on Quizplus for this Chatper
41 Verified Questions
41 Flashcards
Source URL: https://quizplus.com/quiz/21971
Sample Questions
Q1) What are the steps involved in the 802.1x authentication procedure?
Q2) PSK requires that a key (also called a(n) ____) be entered in both the access point and the wireless devices.
A) shared secret
B) MIC key
C) mixed key
D) interval key
Q3) AES performs three steps on every block (128 bits) of cleartext. Within the second step, multiple iterations (called ____________________) are performed depending on the key size.
Q4) WPA2 uses the Advanced Encryption Standard (AES) for data encryption but does not support IEEE 802.1x authentication or PSK technology.
A)True
B)False
Q5) When using the transitional security model, open system authentication should be used instead of shared key authentication.
A)True
B)False
Q6) When should you use the transitional security model?
Page 7
To view all questions and flashcards with answers, click on the resource link above.
Chapter 6: Enterprise Wireless Hardware Security
Available Study Resources on Quizplus for this Chatper
41 Verified Questions
41 Flashcards
Source URL: https://quizplus.com/quiz/21972
Sample Questions
Q1) A ____ is a network device that transfers packets between networks.
A) bridge
B) router
C) gateway
D) switch
Q2) A ____ is a device that is used to connect two network segments together, even if those segments use different types of physical media, such as wired and wireless connections.
A) bridge
B) router
C) gateway
D) switch
Q3) Instead of having only a single path through which data can travel, a(n) ____ network provides multiple paths.
A) wireless
B) wired
C) Ethernet
D) mesh
Q4) What are the two basic functions of an access point?
Q5) Describe the main characteristics of transmit power control (TPC).
To view all questions and flashcards with answers, click on the resource link above. Page 8
Chapter 7: Designing a Secure Wireless Network
Available Study Resources on Quizplus for this Chatper
41 Verified Questions
41 Flashcards
Source URL: https://quizplus.com/quiz/21973
Sample Questions
Q1) ____ are designed to protect a device's network ports, or endpoints of communication.
A) Firewalls
B) Switches
C) Hubs
D) Repeaters
Q2) What are the benefits of layering security?
Q3) Security by obscurity is sometimes criticized as being too weak.
A)True
B)False
Q4) What are some of the features and tools provided by antispyware products?
Q5) IEEE 802.11 WLANs have more collisions than wired Ethernet networks.
A)True
B)False
Q6) ____ looks at the incoming packet and permits or denies it based strictly on the rule base.
A) Stateful packet filtering
B) Stateless packet filtering
C) Hubs
D) Stateful hubs
Page 9
To view all questions and flashcards with answers, click on the resource link above.
Chapter 8: Secure Wireless Authentication
Available Study Resources on Quizplus for this Chatper
41 Verified Questions
41 Flashcards
Source URL: https://quizplus.com/quiz/21974
Sample Questions
Q1) ____ allows a RADIUS server to authenticate wireless devices stations by verifying a hash known as MD5 of each user's password.
A) PAP
B) CHAP
C) MS-CHAP
D) EAP-MD5
Q2) The X.500 standard defines a protocol for a client application to access an X.500 directory called the ____.
A) DAP
B) DIB
C) DIT
D) DIU
Q3) ____ measures the resources a user consumes during each network session.
A) Accounting
B) Authorization
C) Authentication
D) Integrity
Q4) What is authentication for a wired network?
Q5) What are the advantages and disadvantages of distributed autonomous site deployment?
To view all questions and flashcards with answers, click on the resource link above. Page 10
Chapter 9: Secure Wireless Transmissions
Available Study Resources on Quizplus for this Chatper
41 Verified Questions
41 Flashcards
Source URL: https://quizplus.com/quiz/21975
Sample Questions
Q1) Endpoints that provide passthrough VPN capability does not require that a separate VPN client application be installed on each device that connects to a VPN server.
A)True
B)False
Q2) ____ key cryptography uses a single key to both encrypt and decrypt the document.
A) User
B) Private
C) Public
D) Known
Q3) Cisco is probably the best-known hardware-based VPN and many of their routers are designed specifically for VPNs.
A)True
B)False
Q4) In IPsec, key management is accomplished through a protocol known as ____.
A) Encapsulating Security Payload (ESP)
B) ISAKMP/Oakley
C) Authentication Header (AH)
D) L2TP
To view all questions and flashcards with answers, click on the resource link above. Page 11
Chapter 10: Managing the Wireless Network
Available Study Resources on Quizplus for this Chatper
41 Verified Questions
41 Flashcards
Source URL: https://quizplus.com/quiz/21976
Sample Questions
Q1) The ____________________ governs the privacy of personal health information.
Q2) Briefly describe how SNMP works.
Q3) A(n) ____________________ is a security management system that compiles information from a computer network or individual computer and then analyzes it to identify security vulnerabilities and attacks.
Q4) ____ uses intelligent algorithms to improve precision by accounting for the environmental effects on the wireless signal itself.
A) Triangulation
B) Trilateration
C) RSSI
D) RF fingerprinting
Q5) ____ allows computers and network equipment to gather data about network performance.
A) SNMP
B) FTP
C) HTTP
D) L2TP
Q6) What is the problem with rogue access points?
Q7) What are the disadvantages of using a WIDS?
To view all questions and flashcards with answers, click on the resource link above. Page 12
Chapter 11: Wireless Security Policy
Available Study Resources on Quizplus for this Chatper
41 Verified Questions
41 Flashcards
Source URL: https://quizplus.com/quiz/21977
Sample Questions
Q1) Briefly explain how to perform a risk assessment.
Q2) Identifying assets is a fairly simple and quick process.
A)True
B)False
Q3) A(n) ____________________ is a document or series of documents that clearly defines the defense mechanisms an organization will employ to keep information secure.
Q4) The best approach to creating a security policy is for a member of the IT staff to create the document in a few days with little or no input from other individuals.
A)True
B)False
Q5) ____ is defined as the obligations that are imposed on owners and operators of assets to exercise reasonable care of the assets and take necessary precautions to protect them.
A) Due care
B) Separation of duties
C) Need to know
D) Risk assessment
Q6) A(n) ____________________ is any threat that exists against an asset.
Page 13
To view all questions and flashcards with answers, click on the resource link above.
Chapter 12: Operational Support and Wireless Convergence
Available Study Resources on Quizplus for this Chatper
41 Verified Questions
41 Flashcards
Source URL: https://quizplus.com/quiz/21978
Sample Questions
Q1) WiMAX is based on the IEEE ____ standard approved in June 2004.
A) 802.3
B) 802.16
C) 802.32
D) 802.56
Q2) Encryption under theWPA2 personal security model is accomplished by using the block cipher ____________________.
Q3) All networks require effective operational support to ensure that everything functions as intended.
A)True
B)False
Q4) The primary difference between 2G and 2.5G networks is that 2.5G networks are ____.
A) circuit-switched
B) packet-switched
C) channel-switched
D) path-switched
Q5) A(n) ____________________ outlines the requested alteration in such a way that it can be determine what type of review is needed prior to accepting (or rejecting) the proposed changes.
To view all questions and flashcards with answers, click on the resource link above. Page 14