Exemplar

INVESTIGATING THE ECOLOGICAL NICHE OF THE CRAB USING A FAIR TEST INTRODUCTION: The ecological niche of the crab Hemigrapsus edwardsi. The crab is a member of the Crustacea phylum and is in the family Grapsidae. This crab species is found only in New Zealand on rocky shores. The rocky shore, where the crabs studied in this investigation were found is quite exposed. There is a large rock platform that provides small crevices and small rocks which help to protect them from wave action and predators. There are also sea lettuce, and other algae growing on parts of the rocks.The crab has many adaptations that allow it to live on the rocky shore including: †¢ grey/black colour for camouflage †¢ food detection structures (antennae on its head and hairs on the mouth parts to sense chemicals in the sea water) †¢ 4 pairs of legs with muscles that allow it to move sideways, as well as forwards and backwards †¢ behavioural adaptations such as scuttling under rocks when the tid e goes out or to avoid predators †¢ freezing when being attacked (we noticed this when we touched some of them on their backs). This might confuse predators. †¢ gills for gas exchange.The rock pools provide a micro-climate where the temperature and salinity of the water will change, depending on the weather. If it was a really hot day, the rock pools will get warmer, more water will evaporate and the salinity will increase. The crab would have to be adapted to cope with these changes in salinity, otherwise, as the concentration of salt in the water around it changes, it will gain or loose mass due to osmosis. Through the process of osmoregulation, the crab is able to maintain a constant water balance in its body, but to do so requires energy and this could be measured by an increase in the respiration rate.This is what I am going to investigate. Aim: To determine whether the respiratory rate of the crab changes in different salinities. Hypothesis: The respiratory rate of t he crab will increase as the salinity changes away from â€Å"normal† salinity. METHOD Thirty crabs of similar size, were collected from the rocky shore. The salinity was varied by diluting the 200% conc. seawater provided in to five different concentrations. The volume of the solutions was 200mL each. The concentrations were 150%, 125%, 100%, 75%, 50% conc. Water with 100% concentration is equivalent to the concentration of normal seawater.Sixty-five mL of the 150% solution was poured into a petri dish. The petri dish had a thin layer of stones in the base to recreate the natural environment of the crabs. One crab was put into this petri dish and left for five minutes to allow them to adjust to the conditions. The petri dishes were floated on a water bath which was set at 180C. The water bath was placed in the room where the light intensity was the same for all petri dishes. An indirect method of estimating respiration was used. This was to count the number of currents seen on the surface of the water.I assumed that a higher number of currents indicated a higher respiration rate. A little bit of carmine red was sprinkled onto the solution in the petri dish in order to see the movement of water more clearly. The crabs were left in the petri dishes for five minutes before counting the respiratory currents. The respiratory currents were counted for 30 seconds. This amount was doubled to give the rate per minute. 5 more trials with different crabs were done at each concentration. Each time a fresh 65 mL of solution was added. The results were recorded and the rates per minute were averaged.This process was repeated for the 4 remaining concentrations and the results for these were averaged. Results: Average respiratory rate of the crab in different concentrations of seawater. | |% concentration of the water (100% = normal sea water) | | |50 |75 |100 |125 |150 | |Average number of respiratory | | | | | | |currents per minute |7. 2 |6. 75 |6. 00 |7. 50 |12. 4 2 | Average respiratory rate of the crab in different seawater concentrations. Statistical analysis of results: The graph of the results suggests that there is a significant relationship between the concentration of the seawater and the respiratory rate of the crabs. This is confirmed by the r2 value of 0. 9642, which indicates that 96% of the variation in the results is explained by the change in seawater concentration. Conclusion:The respiratory rate of the crab, as measured by respiratory currents, increased when the concentration of the seawater either increased or decreased from the 100% conc. (normal seawater). Discussion: This investigation was carried out to determine whether respiratory rates of the crab increased as the salinity was changed from normal levels. The crab is a euryhaline organism that lives on the rocky shore, often in rock pools. Because of the tidal movements of water, the salinity of the crab’s environment fluctuates. To maintain homeostasis, the cr ab osmoregulates.This means it actively controls the salinity levels inside its body. As the seawater concentration increased or decreased from the concentration of normal seawater (100% conc. ) the respiration rate increased. This is because the crab is most comfortable at the concentration of normal seawater. As osmoregulation involves the active transport of ions, it requires energy to adjust to higher or lower seawater concentrations than 100% seawater. As the salinity of the crab’s environment increases or decreases from the salinity of normal seawater it requires more energy in order to osmoregulate.So in order to obtain that energy, it needs more oxygen and its respiration rate increases. This is necessary for the crab as it must deal with a range of salinity as the tidal pools dry out. If the concentration of the water is greater than that of the crab’s internal environment, it will go through osmosis. Although the crab has an exoskeleton, water can still leave its body through the space around its joints and gills. Evaluation: Initially I found that there were several problems with my investigation.The most significant one was that the crabs were out of their natural environment which made them more fidgety. Some of mine even attempted to escape from the petri dishes during the trials. This clearly shows that they were unsettled and perhaps not responding as they usually would. If they decided to stay inside the petri dish, they stayed close to the edge and moved away from the movement of people around them. I moved my investigation to a more secluded position and screened them off with a cover so that were not able to see what was around them.I also lined the petri dish with a thin layer of stones to attempt to somewhat recreate the natural environment. This change made the crabs calmer and produced a more natural response. The counting of actual respiration itself was difficult as it was a humid day and the carmine red seemed to be con gealing before being placed in the water. Perhaps in humid conditions chalk dust or very fine sand would have been more suitable but these were not available where I was carrying out the investigation.Where the crabs were sampled from may have biased the outcome of the results as the position in the tidal zone might influence the levels of salinity that they were accustomed to. Most of my animals appeared to be female, this may also have biased my results. Further investigations would need to be carried out to determine if sex or original location influences crab respiration rate. Despite these limitations my results show that the increase in respiratory rates can be explained by the changing concentration of the seawater. ———————–INTRODUCTION ECOLOGICAL NICHE AIM HYPOTHESIS Explains aspects of the ecological niche that are related to the investigation. Hypothesis linked to ecological niche. VARIABLE INDEPENDENT VARIABLE CONTRO LLED VARIABLE DEPENDENT VARIABLE Controlled variables A valid range of the Independent variable Controlled variables Dependent variables Sufficient data PROCESSED DATA [pic] STATISTICAL ANALYSIS CONCLUSION Sufficient data that is appropriately and accurately processed to show relevant pattern. (raw data is in log book) Workable method outlinedSufficient data that is appropriately and accurately processed to show relevant pattern. (raw data is in log book) Statistical analysis of the validity of the conclusion A valid conclusion that is justified by the data and relates to the hypothesis DISCUSSION EVALUATION Critical evaluation through analysis of the validity of the investigation Critical evaluation – limitations discussed and changes made to the method justified in relation to validity of investigation Discussion of results related to niche Significance of findings in relation to the ecological niche

A Uniformed Education Essay

Even though it is believed that students need to make life decisions based on their own standards, instead of the procedures and guidelines set for them, and that this is vitally critical for them as they grow into adults. Uniforms are a good idea as it causes students to focus on their academics and learning rather than on latest fashions or what the next student is wearing, also to respect themselves, their instructors and each other. Students are more likely to feel safe in schools with uniforms and they are also more inclined to attend classes and perform better academically. Faculty members in an inquiry believed that uniforms increased the learning climate by reassuring morality amongst students, augmenting the communication between teachers and students and bettering the administration of discipline. Many school officials agree that wearing uniforms helps decrease bullying and student detachment, and many educators are convinced that school uniforms increase students’ a bility to thrive in the classroom. As Huss (2007) states, â€Å"School uniforms are tangible; they are seen as a concrete and visible means of restoring order to the classrooms.† Uniforms cause change in appearance and performance while in class. First, students are more likely to feel safe in schools with uniforms and they are also more inclined to attend classes and perform better academically. Students perform better academically when they feel safe and are not threatened in school. There has been a lot of scrutiny concerning school safety, due to the increased activity and violence of gangs in schools. After taking note of these actions (increased violence and gang presence) officials are always considering ways to establish the security of the students and the faculty. King (1998) states, â€Å"Those who fear for their safety in school or on the way to school may not learn effectively, and they may turn to truancy as a viable alternative to facing daily threats of violence.† School safety, a  more disciplined student and student learning is believed to be the outcome if school uniforms would be enforced. Wearing school uniforms helps a school limit the wearing of gang colors, theft and school violence. Enforcing school uniforms should be taken seriously considering the ability of them making a student feel secure and safe to learn. When uniforms are required and worn it makes it easy to identify those that are not from the school or that are actually out of uniform by wearing regular street clothes. Students from schools where uniforms were required reported they did feel more safe and compelled to be concerned more about their education and succeeding in the classroom than to have to identify who was a member or which gang from day to day. King (1998) states, â€Å"Approximately one in four students reports worrying about becoming a victim of crimes or threats at school, and one in eight reports having been victimized at school.† The wearing of school uniforms should be expected in all schools and not just targeted areas; this would increase the true benefit of wearing unifor ms in our education system. Creating a system where uniforms are worn in all schools would limit the thought of a school that actually has a uniform policy in place as being considered a bad school or unsafe to send a child. Uniforms should not be associated with a schools safety and or truancy problems. The safety of our children should be a priority every day. Additionally, teachers in a study believed uniforms enriched the schooling climate by stimulating morality amidst students, augmenting the interactions between the teachers and students and bettering control. Similarly, of the 5,500 principals surveyed as attendees of the National Association of Secondary School Principals’ annual conference in February 1996, more than 7-% believed that requiring students to wear uniforms to school would reduce violent incidents and discipline problems. Moreover, greater than 80% of Long Beach Telegram readers supported uniforms. (King 1998) â€Å"A school reported the effects of wearing uniforms and in the first year alone crime decreased by 36%, sex offenses by74% and physical fights among students by 51%.† (King 1998) Students have shown to behave at a higher standard when in uniform and it also has been reported to have an effect on the interaction between a teacher and student. When in uniform students mannerisms are different and they carry themselves in a higher regard. It is believed that both the students and teachers operate based on the way they are dressed. A school  official has been quoted as saying â€Å"Students here understand why they are in school†; â€Å"Students work hard to complete their assignments†; and â€Å"Students in this school have fun but also work hard on their studies.† (Murray, R. K. 1997) This in no way means that all students will act accordingly and excel academically, but it would assist in creating an environment where both students and teachers were a ppreciative of their school and more considerate to each other. It is believed that teachers interact differently with students when they are clothed in a more uniformed manner. Students have also been noted as having better mannerism and more care in how they handle each other as well as the faculty. Finally, the most important reason uniforms are a good idea as it causes students to focus on their academics rather than on the latest fashions because â€Å"wearing uniforms helps students to get into â€Å"learning mode† and reminds them to respect themselves, their instructors and each other.† (Wade, K. & Stafford, M. 2003) The administrators instantly point out that normally; purchasing school uniforms for a school year can cost between $80 and $90 per child, this cost is lower than what parents would spend when having to buy the designer clothing that a student desires. So, a student and parent would be better off purchasing uniforms financially which is looked at as a bonus in these economic times. Students in a school that requires uniforms are less likely to feel or receive peer pressure because of their lack of the designer clothing that other families may be able to afford. In a climate where uniforms are mandatory your family’s financial situation is not noticeable thus making it a more comfortable learning environment. A parent was quoted saying, â€Å"I know I spent less money and needed far fewer items of clothing for my children when they wore school uniforms.† (Walmsley, A. 2011) This also lessen the occurrence of the morning fights between parents and students as to what to wear for the day the selection is simple and minimal at the same time. At this age youths are at the point of attempt to find their own individuality and ideas of what suits them clothes wise be it baggy or tight jeans, cartooned t-shirts, and political clothing. Getting away from wearing those types of clothing and requiring a uniform causes the student to not focus on what someone is wearing but instead their schooling and academics which is way more important. Fashion should take a backseat when it comes to your education. A youth’s individuality can be expressed in other ways if shown  and at the same time there should be limits set on the possibilities of accessories worn with the uniforms. Students have been intensely wounded and or killed for their designer shoes, clothing and accessories. School uniforms are believed to cut down on these occurrences. Being dressed in a different manner has been shown to cause a different reaction in class and in a student’s day to day life. School climate has been shown to be related to student achievement as well as how students behave and feel about themselves, their school, and other individuals. Furthermore, positive school climate has been identified as a characteristic of an effective school. Given the significant impact of school climate on student achievement, practitioners should consider these new findings when considering implementing a school uniform policy as a means of improving school climate and student behavior. (Murray, R. K. 1997) Requiring uniforms in schools changes the climate and the reaction to learning significantly. Walmsley (2011) states, â€Å"Because students dress in uniforms, they’re reminded that their â€Å"job† is to be a student.† A uniform causes a different behavior and creates such a reaction in the students that their attitudes ch ange automatically. On some occasions students have even decided to opt out of the days allowed for â€Å"street clothes† after they have experienced a school uniform environment. When dressed in street clothes students tend to behave in a manner of â€Å"play† and not take their education as serious. Just as stated before when in uniform â€Å"they’re reminded that their job is to be a student,† it’s presenting them with the idea that during these hours you are expected to give your all and not limit yourself in anyway and behave in a more professional or sophisticated manner much like if they were going to an actual 9 – 5 job this behavior is expected from them. Indeed, while wearing a school uniform does not allow for self-expression some think that students should make choices in regards to life based on their own personal values instead of the precedent and governance chosen for them and this is important for their own well-being and development as they con tinue to grow up. Anderson (2002) states, â€Å"four basic reasons for promoting school uniforms: 1) enhanced school safety, 2) improved learning climate, 3) higher self-esteem for students, and 4) less stress on the family.† Uniforms are a good idea as it causes students to focus on their academics and learning rather than on latest fashions or what the next student is wearing because  wearing uniforms helps students get prepared and ready to learn and it reminds them that certain level of respect is required of them towards their instructors, themselves and the other students. The use and purchase of uniforms can also improve Schools should provide a safe environment for learning. Wearing uniforms could be considered a form of good discipline and causing students to learn and adhere to rules. Calling for uniforms in schools can reduce violence and propel our students into a better category academically in the world as a whole. The wearing of a school uniform may not resolve all or any of the problems that occur day to day in our schools now but there are some other benefits to wearing them and those benefits should be taken into account. (Lester 106-12) With classrooms today needing a more respect for teachers and each other wearing school uniforms can help with that. Conformity should be painless with uniforms being incorporated in our education system, as the guidelines are definite and straightforward. References Anderson, W. (2002). School Dress Codes and Uniform Policies. Policy Report. Washington, D.C.: Office of Educational Research and Improvement. ERIC document ED 471 528. Huss, J. A. (2007). The Role of School Uniforms in Creating an Academically Motivating Climate: Do Uniforms Influence Teacher Expectations? Journal of Ethnographic & Qualitative Research, 131-39. King, K.A. (1998, January). Should school uniforms be mandated in elementary school? Journal of School Health. p. 32. Murray, R. K. (1997). The Impact of School Uniforms on School Climate. NASSP Bulletin, 81(593), 106-12. Wade, K., & Stafford, M. E. (2003). Public School Uniforms: Effect on Perceptions of Gangs Presence, School Climate, and Student Self-Perceptions. Education and Urban Society, 35 (4), 399-420. Walmsley, A. (2011). What the United Kingdom Can Teach the United States About School Uniforms. Phi Delta Kappan, 92(6), 63-66.

Introduction of Information Security Systems Cis4385

1. Which if the following IPv6 address type is assigned to multiple interfaces but packets will only be delivered to one? a. Multicast b. Anycast c. Unicast d. Broadcast Grade:1 User Responses:b. Anycast Feedback:a. An anycast address is assigned to a group of interfaces on multiple nodes. Packets are delivered to the â€Å"first† interface only. 2. Routers operate at which OSI layer? a. Physical b. Transport c. Network d. Session Grade:1 User Responses:c. Network Feedback:a. Routers operate at the network layer making routing decisions based on IP addresses. 3. Which of the following is NOT a private IPv4 address? Choose all that apply. a. 192. 168. 5. 60 b. 172. 25. 6. 4 c. 10. 0. 6. 5 d. 26. 68. 6. 1 Grade:1 User Responses:d. 26. 68. 6. 1 Feedback:a. The private IP address ranges are as follows. IP Class Assigned Range Class A 10. 0. 0. 0-10. 255. 255. 255 Class B 172. 16. 0. 0-172. 31. 255. 255 Class C 192. 168. 0. 0-192. 168. 255. 2554. What is a server that evaluates Internet requests from LAN devices against a set called? a. Proxy b. Firewall c. Load balancer d. NAT server Grade:1 User Responses:a. Proxy Feedback:a. A server that evaluates Internet requests from LAN devices against a set of rules is called a proxy server. NAT servers perform private to public address translation; load balancers manage traffic between cluster hosts; and a firewall filters traffic based on access control lists.5. Which type of device maintains awareness of the status of connections, thereby preventing IP spoofing attacks? a. Stateless packet filterin g firewall b. Stateful packet filtering firewall c. NAT filter d. Application-level gateway Grade:1 User Responses:b. Stateful packet filtering firewall Feedback:a. A stateful packet filtering firewall is one that monitors the state of each connection by examining the header of each packet. Read this  Chapter 2 – Why Security is Needed A stateless packet filtering firewall does not do this. NAT filters perform only private-to-public address translation. An application-level gateway provides protection to a specific application such as FTP.6. Which of the following firewall services works at the session layer of the OSI model? a. Application layer gateway b. Stateful filtering c. NAT d. Circuit-level gateway Grade:0 User Responses:c. NAT Feedback:a. Circuit-level gateways work at the Session Layer of the OSI model and apply security mechanisms when a TCP or UDP connection is established; they act as a go between for the Transport and Application Layers in TCP/IP.After the connection has been made, packets can flow between the hosts without further checking. Circuit-level gateways hide information about the private network, but they do not filter individual packets.7. Which of the following are the two main functions of a proxy server? a. Caching of web pages b. NAT c. Domain authentication d. DHCP Grade:1 User Respo nses:a. Caching of web pages,c. Domain authentication Feedback:a. A proxy server secures a network by keeping machines behind it anonymous; it does this through the use of NAT. It also improves web performance by caching web pages from servers on the Internet for a set amount of time. b. A proxy server secures a network by keeping machines behind it anonymous; it does this through the use of NAT. It also improves web performance by caching web pages from servers on the Internet for a set amount of time.8. Which of the following devices can detect but not prevent attacks across the entire network? a. NIDS b. Host-based IDS c. NIPS d. Protocol Analyzer Grade:1 User Responses:a. NIDS Feedback:a. Network Intrusion Detection Systems (NIDS) detect but do not prevent attacks across the entire network. Host-based IDS can protect only the host on which it is installed. Network Intrusion Protection Systems (NIPS) can detect and prevent attacks across the entire network. A Protocol Analyzer ca n capture traffic but not act upon it.9. When a NIPs blocks legitimate traffic, what is it known as? a. False negative b. True negative c. False positive d. True positive Grade:1 User Responses:c. False positive Feedback:a. A blocking of traffic is a positive action, and when it is in response to legitimate traffic, it is considered a false action; thus it is a false positive. A false negative would be when an action is NOT taken on traffic that is not legitimate. The other two options are normal actions; a true negative is the allowing of legitimate traffic, whereas a true positive is the blocking of illegitimate traffic.10. Which of the following types of NIPS reacts to actions that deviate from a baseline? a. Signature-based b. Heuristic c. Anomaly-based d. Bit blocker Grade:1 User Responses:c. Anomaly-based Feedback:a. Anomaly-based NIPS recognizes traffic that is unusual and reports it. Signature-based NIPs are configured with the signatures of attacks. Heuristics looks for pat terns in the traffic, whereas bit blocker is a not a type of NIPs.11. Which of the following systems attempt to stop the leakage of confidential data, often concentrating on communications? a. DHCP b. DNS c. DLP d. STP Grade:1 User Responses:c. DLP Feedback:a. Data loss prevention (DLP) systems are designed to protect data by way of content inspection. They are meant to stop the leakage of confidential data, often concentrating on communications. As such, they are often also referred to as data leak prevention (DLP) devices, information leak prevention (ILP) devices, and extrusion prevention systems.Regardless, they are intended to be used to keep data from leaking past a computer system or network and into unwanted hands.12. When a company buys fire insurance they are ____________ risk. a. accepting b. avoiding c. transferring d. reducing Grade:1 User Responses:c. transferring Feedback:a. It is possible to transfer some risk to a third-party. An example of risk transference (also k nown as risk sharing) would be an organization that purchases insurance for a group of servers in a datacenter.The organization still takes on the risk of losing data in the case of server failure, theft, and disaster, but transfers the risk of losing the money those servers are worth in the case they are lost.13. Which of the following processes block external files that use JavaScript or images from loading into the browser? a. URL filtering b. Content filtering c. Malware inspection d. Blacklists Grade:1 User Responses:b. Content filtering Feedback:a. Content filtering is a process that blocks external files that use JavaScript or images from loading into the browser. URL filtering blocks pages based on the URL.Malware inspection looks for malware based on a signature file, and blacklists are items to be denied by spam filters.14. Which of the following actions should NOT be taken for the default account on a network device? a. Delete it. b. Change the password. c. Disable it. d. Leave it as is. Grade:1 User Responses:d. Leave it as is. Feedback:a. The default account has a well-known username and password, so it should be either deleted or disabled, or at a minimum its password should be changed.15. Firewall rules are typically based in all but which of the following? a. IP addresses b. MAC addresses c. Port numbers . Content type Grade:1 User Responses:d. Content type Feedback:a. Firewall rules are typically based on IP addresses, MAC addresses, or port numbers, but they cannot filter for content.16. Which of the following is the target of a double tagging attack? a. VPNs b. VLANs c. Collision domains d. DMZs Grade:1 User Responses:b. VLANs Feedback:a. A double tagging attack can enable the attacker to view traffic from multiple VLANs.17. A network created to allow access to resources from the Internet, while maintaining separation from the internal network is called a ______? a. VPN b. VLAN c. Honeypot d. DMZ Grade:1User Responses:d. DMZ Feedback:a. When talking about computer security, a Demilitarized Zone (DMZ) is a special area of the network (sometimes referred to as a subnetwork) that houses servers which host information accessed by clients or other networks on the Internet, but which does not allow access to the internal network.18. How can access to the remote management of a router be protected? a. Content filtering b. ACLs c. Firewalls d. IPS Grade:0 User Responses:c. Firewalls Feedback:a. Remote access to a router is usually done via Telnet or SSH. The port used (vty line) can be secured using an access control list. The other options can all be used to help protect routers but not access the remote management function.19. You need to allow access from your network to all web sites. What port numbers should be opened in the firewall? Choose all that apply. a. 25 b. 443 c. 80 d. 119 e. 22 f. 23 Grade:1 User Responses:c. 80 Feedback:a. HTTP and HTTPS are the two services you need to allow access to use ports 80 and 443 res pectively.20. Which of the following mitigation techniques can prevent MAC flooding? a. Secure VLANs b. Prevent ICMP responses c. 802. 1x d. 802. 1q Grade:1 User Responses:c. 802. 1x Feedback:a.MAC flooding, which involves overwhelming the memory of the switch with MAC frames sourced from different MAC addresses, can be prevented by requiring authentication on each port through 802. 1x. Secure VLANs cannot prevent this because the frames don’t need to enter a VLAN to cause the problem. ICMP is at Layer 3, these frames are at Layer 2, and 802. 1q is a VLAN tagging protocol that does not prevent frames from entering the switch through access ports.21. Which of the following attacks cannot be mitigated with a flood guard? a. Smurf attack b. Fraggle c. Teardrop attack d. Session theft Grade:1 User Responses:d.Session theft Feedback:a. The smurf, fraggle, and teardrop attacks all involve sending a flood of packets to a device, using different types of malformed packets. A session theft attack is when a session cookie is stolen and used to authenticate to a server.22. Loop protection is designed to address problems that occur with which device? a. Switch b. Hub c. Router d. Firewall Grade:0 User Responses:b. Hub Feedback:a. Loops occur when switches have redundant connections causing a loop. Loop guard (or loop protection) can prevent loops on the switch.23. When creating an ACL which of the following statements is NOT true? a.The order of the rules is important for proper functioning b. You must include a deny all statement at the end of the rule set for proper functioning c. The more specific rules should be placed at the beginning of the rule list d. Once created, the ACL must be applied to an interface Grade:1 User Responses:b. You must include a deny all statement at the end of the rule set for proper functioning Feedback:a. There is an implied deny all statement at the end of each ACL and it is not required to include one.24. Which of the following is a n example of insecure network bridging in a LAN? a. Laptop connected to a hotspot and an ad hoc network . Laptop connected to a wireless network and the wired LAN at the same time c. Router connected to two subnets d. PC connected with two NIC to the same LAN Grade:1 User Responses:b. Laptop connected to a wireless network and the wired LAN at the same time Feedback:a. When a laptop connects to a wireless network and the wired LAN at the same time, it can create a bridge between the two allowing access to the LAN. The other scenarios do not create a security problem for the LAN.25. When the administrator creates a rule on the firewall to prevent FTP traffic, this is a type of __________rule. . implicit deny b. implicit allow c. explicit deny d. explicit allow Grade:1 User Responses:c. explicit deny Feedback:a. When traffic is specified to be prevented, it is an explicit deny. When it is denied simply because it was not specifically allowed, that is an implicit deny.26. Network Acces s Control (NAC) is an example of_______________. a. role-based management b. rules-based management c. port-based access d. application layer filtering Grade:1 User Responses:b. rules-based management Feedback:a. Network Access Control (NAC) uses rules by which connections to a network are governed.Computers attempting to connect to a network are denied access unless they comply with rules including levels of antivirus protection, system updates, and so on—effectively weeding out those who would perpetuate malicious attacks.27. What type of device is required for communication between VLANs? a. Hub b. Switch c. Router d. Firewall Grade:1 User Responses:c. Router Feedback:a. Hosts in different VLANs are also in different subnets and routing must be performed for them to communicate.28. Which of the following would be least likely to be placed in the DMZ? a. Web server b. DNS server c. Domain controller d. FTP serverGrade:1 User Responses:c. Domain controller Feedback:a. All th e options except a domain controller are often placed in the DMZ so they are accessible to the outside world. A DC however is sensitive and should NOT be placed in the DMZ.29. Subnetting a network creates segmentation at which layer of the OSI model? a. Layer 1 b. Layer 2 c. Layer 3 d. Layer 4 Grade:1 User Responses:c. Layer 3 Feedback:a. Subnetting a network creates segmentation using IP addresses, which is Layer 3.30. What service is required to represent multiple private IP addresses with a single public IP address? a. NAT b. DHCP c. DNS d. DLP Grade:0User Responses:a. NAT Feedback:a. Network Address Translation (NAT) is required to represent multiple private IP addresses with a single public IP address. The specific form of NAT required to represent multiple private IP addresses with a single public IP address is called Port Address Translation (PAT).31. Which of the following is NOT a remote access protocol? a. MS-CHAP b. CHAP c. LDAP d. PAP Grade:1 User Responses:c. LDAP Feedb ack:a. Lightweight Directory Access Protocol is used for accessing directory services such as Active Directory. It is not used in remote access. All other options are remote access protocols.32. Which of the following devices are susceptible to war dialing? a. Modems b. Firewalls c. Content filters d. Load balancers Grade:0 User Responses:a. Modems Feedback:a. Any devices that accept phone calls such as modems or PBX systems with remote phone access are susceptible to war dialing.33. When computers are not allowed to connect to the network without proper security patches and virus updates, the network is using a form of _____________. a. PAT b. DAC c. NAC d. DMZ Grade:0 User Responses:d. DMZ Feedback:a. Network Access Control (NAC) uses rules by which connections to a network are governed.Computers attempting to connect to a network are denied access unless they comply with rules including levels of antivirus protection, system updates, and so on—effectively weeding out those who would perpetuate malicious attacks.34. Which of the following items do not need to be changed on a new router to ensure secure router management? a. IP address b. Administrator name c. Administrator password d. IOS version Grade:1 User Responses:d. IOS version Feedback:a. All the options except the IOS version can be set to defaults from the factory and should be changed because they are well known.35. Which of the following is NOT an example of cloud computing? a. SaaS b. IaaS c. PaaS d. BaaS Grade:1 User Responses:d. BaaS Feedback:a. Software as a Service (SaaS), Infrastructure as a Service (IaaS), and Platform as a Service (PaaS) are all forms of cloud computing.36. On which concept is cloud computing based? a. load balancing b. virtualization c. RAID d. DLP Grade:1 User Responses:b. virtualization Feedback:a. All forms of cloud computing use virtualization.37. A three legged perimeter is a form of ______________. a. VPN b. DMZ c. NAT d. ACL Grade:1 User Responses:b. DMZ Fee dback:a. A three-legged perimeter is a firewall or server with three NICs: one pointed to the LAN, one to the Internet, and one to the DMZ.38. Which of the following is NOT a benefit provided by subnetting? a. It increases security by compartmentalizing the network. b. It is a more efficient use of IP address space. c. It reduces broadcast traffic and collisions. d. It eases administration of the network. Grade:1 User Responses:d. It eases administration of the network. Feedback:a. Subnetting provides a number of benefits but easing administration is not one of them.39. Which of the following is the result of implementing VLANs? . Larger broadcast domains b. Smaller collision domains c. Smaller broadcast domains d. Larger collision domains Grade:1 User Responses:c. Smaller broadcast domains Feedback:a. VLANs break up the network into subnets and as such result in smaller broadcast domains.40. Which of the following services helps conserve public IP addresses? a. NAT b. DHCP c. DNS d . SLIP Grade:0 User Responses:c. DNS Feedback:a. By allowing the use of private IP addresses inside each network and by representing those groups of private IP addresses with a single public IP address, public IP addresses are conserved by NAT.41. Which of the following remote access protocols are used with VPNs? Choose all that apply. a. PPTP b. PPP c. L2TP d. SLIP Grade:1 User Responses:c. L2TP,d. SLIP Feedback:a. Point-to-Point Tunneling Protocol (PPTP) and Layer Two Tunneling protocol (L2TP) are used with VPNs. PPP and SLIP are used for dial-up. /b. Point-to-Point Tunneling Protocol (PPTP) and Layer Two Tunneling protocol (L2TP) are used with VPNs. PPP and SLIP are used for dial-up.42. Which of the following security protocols operates at the network layer of the OSI model? a. IPSec b. SSH c. SSL d. TLS Grade:1 User Responses:a. IPSec Feedback:a.One of the key features of IPSec is its operation at the network layer enabling it to protect any type of communication operating at th e upper layers of the OSI model.43. Which of the following are components of SNMP? Choose all that apply. a. NMS b. IPSec c. Agent d. CARP Grade:1 User Responses:b. IPSec,c. Agent Feedback:a. The three components of SNMP are a network management system (NMS), agent software, and the managed device, where the agent software operates. /b. The three components of SNMP are a network management system (NMS), agent software, and the managed device, where the agent software operates.44. SSL is designed as a secure replacement for which of the following? a. PPP b. Telnet c. TLS d. SSH Grade:0 User Responses:d. SSH Feedback:a. SSL is designed as a secure replacement for Telnet, which transmits in clear text.45. Which of the following protocols supersedes SSL? a. SSH b. TLS c. S/MIME d. EAP Grade:0 User Responses:a. SSH Feedback:a. TLS 1. 2, the latest version, is used when establishing an HTTPS connection and supersedes SSLv3.46. The operation of which of the following protocols makes the SY N flood attack possible? a. IPX/SPX b. AppleTalk c. TCP/IP d. RIP Grade:1 User Responses:c. TCP/IP Feedback:a.TCP/IP uses a three-way handshake for its connection, and the SYN flood attack attempts to take advantage of the operation of this connection operation.47. Which of the following provides secure web access? a. SFTP b. HTTP c. HTTPS d. SSH Grade:1 User Responses:c. HTTPS Feedback:a. HTTPS uses port 443 and is the standard for secure web access.48. SCP is a secure copy protocol that uses the port of which other protocol for transfers? a. HTTPS b. SSH c. SSL d. FTPS Grade:0 User Responses:d. FTPS Feedback:a. Secure copy (SCP) is another example of a protocol that uses another protocol (and its corresponding port). It uses SSH and ultimately uses port 22 to transfer data.49. Which of the following protocols is abused when a ping flood occurs? a. SNMP b. IGMP c. ICMP d. EIGRP Grade:0 User Responses:a. SNMP Feedback:a. Ping floods use ICMP echo request packets aimed at the target. 50. Which of the following security mechanisms are built into IPv6? a. IPSec b. SSL c. HTTPS d. EAP Grade:1 User Responses:a. IPSec Feedback:a. IPv6 has IPSec support built in.51. What method is used by SSL to obtain and validate certificates? a. SPI b. PKI c. TLS d. EAP Grade:1 User Responses:b. PKI Feedback:a.SSL and TLS use a public Key Infrastructure (PKI) to obtain and validate certificates.52. What port number does FTPS use to protect the transmission? a. 21 b. 88 c. 443 d. 445 Grade:0 User Responses:a. 21 Feedback:a. FTPS uses SSL or TLS over port 443 to make a secure connection.53. Which of the following protocols uses port 22, normally used by SSH, to make a secure connection? a. FTPS b. SCP c. SFTP d. SSL Grade:0 User Responses:b. SCP Feedback:a. Secure FTP (SFTP) uses port 22, the port for SSH, which is why it is also sometimes called SSH FTP.54. Which protocol uses ports 161 and 162? a. SMTP b. IMAP4 . SNMP d. IGMP Grade:0 User Responses:a. SMTP Feedback:a. SNMP is used to collect information about and make changes to devices on the network. It uses ports 161 and 162.55. Which protocol uses the same port as HTTPS? a. SCP b. FTPS c. SFTP d. IMAP4 Grade:0 User Responses:c. SFTP Feedback:a. FTP secure (FTPS) uses port 443, which is also used by HTTPS.56. Which protocol uses port 69? a. SCP b. FTPS c. TFTP d. IMAP4 Grade:1 User Responses:c. TFTP Feedback:a. TFTP uses port 69.57. What port number is used by Telnet? a. 80 b. 443 c. 21 d. 23 Grade:1 User Responses:d. 23 Feedback:a. Port 23 is used by Telnet.58. Which port does HTTP use? a. 80 b. 443 c. 21 d. 23 Grade:0 User Responses:b. 443 Feedback:a. HTTP uses port 80.59. Which port does SCP use to transfer data? a. 80 b. 22 c. 21 d. 23 Grade:0 User Responses:c. 21 Feedback:a. SCP uses SSH and thus port 22 to transfer data.60. Which protocol uses port 443? a. HTTPS b. FTPS c. TFTP d. IMAP4 Grade:1 User Responses:a. HTTPS Feedback:a. HTTPS uses port 443.61. Which two protocols use port 22? a. HTTPS b. FT PS c. SSH d. SCP Grade:2 User Responses:c. SSH,d. SCP Feedback:a. SCP uses SSH and thus port 22 to transfer data, so both protocols use this port. b. SCP uses SSH and thus port 22 to transfer data, so both protocols use this port.62. Which ports does the NetBIOS protocol uses? Choose all that apply. a. 138 b. 139 c. 137 d. 140 Grade:3 User Responses:a. 138,b. 139,c. 137 Feedback:a. The NetBIOS protocol uses ports 137 through 139. /b. The NetBIOS protocol uses ports 137 through 139. /c. The NetBIOS protocol uses ports 137 through 139.63. What protocol uses port 53? a. HTTPS b. FTPS c. SSH d. DNS Grade:0 User Responses:b. FTPS Feedback:a. DNS uses port 53.64. Which port number does RDP use? a. 3389 b. 1723 c. 1701 d. 140 Grade:1 User Responses:a. 3389 Feedback:a. Port 3389 is used for Remote Desktop (RDP).65. What protocol uses port 25? a. HTTPS b. SMTP c. SSH d. DNS Grade:1 User Responses:b. SMTP Feedback:a. SMTP uses port 25.66. Which of the following statements is true regarding WP A and WPA2? (Choose all that apply. ) a. WPA uses 256-bit encryption. b. WPA2 uses 128-bit encryption. c. WPA uses TKIP. d. WPA2 uses AES. Grade:2 User Responses:c. WPA uses TKIP. ,d. WPA2 uses AES. Feedback:a. WPA uses TKIP 128-bit encryption, whereas WPA2 uses 256-bit AES. /b. WPA uses TKIP 128-bit encryption, whereas WPA2 uses 256-bit AES.67. Which statement is NOT true with regard to WPA2? a. Uses AES encryption b. Meets requirements of 802. 11i c. Uses TKIP encryption d. Uses 256 bit encryption Grade:1 User Responses:c. Uses TKIP encryption Feedback:a. WPA uses TKIP but WPA2 uses AES.68. Which of the following is the security provided in the original 802. 11 standard? a. WPA b. WPA2 c. WEP d. CCMP Grade:1 User Responses:c. WEP Feedback:a. Wired Equivalent Privacy (WEP) is the security provided in the original 802. 11 standard.69. What is the authentication system that calls for a supplicant, authenticator, and authentication server called? . EAP b. WPA c. WPA2 d. WEP Grade:1 Us er Responses:a. EAP Feedback:a. Extensible Authentication Protocol (EAP) is an authentication system that calls for a supplicant, authenticator, and authentication server.70. Which of the following implementations of EAP requires certificates on the client and the server? a. EAP-FAST b. EAP-TTLS c. PEAP d. EAP-TLS Grade:1 User Responses:d. EAP-TLS Feedback:a. EAP-TLS requires certificates on the client and the server.71. Which of the following versions of EAP is Cisco proprietary? a. LEAP b. EAP-TTLS c. PEAP d. EAP-TLS Grade:1 User Responses:a. LEAP Feedback:a. Lightweight EAP is a version that works only on Cisco devices unless the device is from a partner that participates in the Cisco Compatible Extensions program.72. Why are MAC filters not effective in preventing access to the WLAN? a. The MAC addresses of allowed devices are contained in the beacon frames sent by the AP. b. The MAC addresses of allowed devices are contained in any frames sent by the allowed device. c. The admi nistrative effort to maintain the MAC list is prohibitive. d. If the user changes his MAC address, the filter will disallow entry. Grade:1 User Responses:b.The MAC addresses of allowed devices are contained in any frames sent by the allowed device. Feedback:a. The MAC addresses of allowed devices are contained in any frames sent by the allowed device and can be seen by those using wireless protocol analyzers. The MAC address can then be spoofed for entry.73. Which of the following frame types contain the SSID? (Choose all that apply. ) a. Beacon frames b. Data frames c. Association frames d. Authentication frames Grade:3 User Responses:b. Data frames,c. Association frames,d. Authentication frames Feedback:a. The SSID is contained in all frames.If the SSID is hidden, it is removed only from the beacon frames. /b. The SSID is contained in all frames. If the SSID is hidden, it is removed only from the beacon frames. /c. The SSID is contained in all frames. If the SSID is hidden, it is removed only from the beacon frames.74. TKIP was designed to correct the shortcomings of which of the following? a. EAP b. WPA c. WEP d. WPA2 Grade:1 User Responses:c. WEP Feedback:a. TKIP was designed to correct the shortcomings of WEP. It was a temporary solution for use until the 802. 1x standard was completed.75. Which of the following encryption protocols is used with WPA2? . TKIP b. CCMP c. WEP d. DES Grade:1 User Responses:b. CCMP Feedback:a. Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP) is the encryption protocol used with WPA2. It addresses the vulnerabilities of TKIP and meets requirements of IEEE 802. 11i.76. Which antenna types would be best for shaping the signal away from the front of the building for security purposes while still providing coverage in the other part of the building? (Choose all that apply. ) a. Yagi b. Omni c. Parabolic dish d. Semidirectional Grade:2 User Responses:a. Yagi,d. Semidirectional Feedback:a.You can us e a yagi antenna, which is a type of semidirectional antenna, to shape the coverage area as called for in the scenario. /b. You can use a yagi antenna, which is a type of semidirectional antenna, to shape the coverage area as called for in the scenario.77. How can you keep the existing radiation pattern of the antenna while reducing the coverage area? a. Increase the power of the transmitter. b. Decrease the power of the transmitter. c. Change the polarity of the antenna. d. Remove one of the attenuators from the line. Grade:1 User Responses:b. Decrease the power of the transmitter.Feedback:a. Reducing the power level maintains the radiation pattern while making the area of radiation smaller.78. What organization created WPA? a. FCC b. Wi-Fi Alliance c. IEEE d. ISO Grade:1 User Responses:b. Wi-Fi Alliance Feedback:a. The Wi-Fi Alliance created WPA to address the weaknesses of WEP.79. To which standard is WPA2 designed to adhere? a. 802. 16 b. 802. 11f c. 802. 11i d. 802. 11e Grade:1 User Responses:c. 802. 11i Feedback:a. WPA2 is designed to adhere to the 802. 11i security standard.80. Which of the following is the weakest form of security? a. TKIP b. WPA c. WEP d. EAP Grade:1User Responses:c. WEP Feedback:a. WEP is the weakest form of security. It has been cracked and is not suitable for Enterprise WLANs.81. A ______________ attack intercepts all data between a client and a server. a. DDoS b. Man-in-the-middle c. Replay d. Smurf Grade:1 User Responses:b. Man-in-the-middle Feedback:a. Man-in-the-middle is a type of active interception. If successful, all communications now go through the MITM attacking computer.82. When a group of compromised systems attack a single target it is a called a _______________ attack. a. DDoS b. Man-in-the middle c. Replay d. Smurf Grade:1User Responses:a. DDoS Feedback:a. A distributed denial-of-service attack occurs when a group of compromised systems launches a DDoS attack on a single target.83. When valid data transmissions are maliciously or fraudulently repeated, it is called a _______________ attack. a. DDoS b. man-in-the middle c. replay d. smurf Grade:1 User Responses:c. replay Feedback:a. When valid data transmissions are maliciously or fraudulently repeated, it is a called a replay attack.84. What attack sends large amounts of ICMP echoes, broadcasting the ICMP echo requests to every computer on its network or subnetwork? a.DDoS b. Man-in-the middle c. Replay d. Smurf Grade:1 User Responses:d. Smurf Feedback:a. A smurf attack sends large amounts of ICMP echoes, broadcasting the ICMP echo requests to every computer on its network or subnetwork. The ICMP request is sent to a broadcast address. When all hosts receive the ICMP broadcast request, these host send ICMP replies to the source address, which has been set to the address of the target.85. Changing your MAC address to that of another host is called ___________________. a. spear phishing b. spoofing c. pharming d. vishing Grade:1 User Responses:b . spoofing Feedback:a.Spoofing is when an attacker tails the IP or MAC address of another computer.86. Which of the following is more an aggravation than an attack? a. Spear phishing b. Spoofing c. Spam d. Vishing Grade:1 User Responses:c. Spam Feedback:a. Spam or unwanted email is more an aggravation than an attack.87. Which of the following uses instant messaging as its vehicle? a. Spim b. Spoofing c. Phishing d. Vishing Grade:1 User Responses:a. Spim Feedback:a. Spam Over Instant Messaging (SPIM) uses IM to deliver the spam.88. When VoIP phone calls are used in the pursuit of social engineering, it is called__________. a. spim b. poofing c. phishing d. vishing Grade:1 User Responses:d. vishing Feedback:a. Vishing is phishing performed with VoIP calls, which are harder to trace than regular calls.89. What type of attack is an advanced scan that tries to get around firewalls and look for open ports? a. DDoS b. Man-in-the-middle c. Xmas attack d. Smurf Grade:1 User Responses:c. Xmas attack Feedback:a. Usually using Nmap, the Xmas attack is an advanced scan that tries to get around firewalls and look for open ports.90. __________________ is when an attacker redirects one website’s traffic to another bogus and possibly malicious website. a.DDoS b. Pharming c. Xmas attack d. Smurf Grade:1 User Responses:b. Pharming Feedback:a. Host files and vulnerable DNS software can also be victims of pharming attacks. Pharming is when an attacker redirects one website’s traffic to another bogus and possibly malicious website. Pharming can be prevented by carefully monitoring DNS configurations and host files.91. ___________ is when a person that is not normally authorized to a server manages to get administrative permissions to resources. a. Whaling b. Pharming c. Spear phishing d. Privilege escalation Grade:1 User Responses:d. Privilege escalation Feedback:a.Privilege escalation is when a person that is not normally authorized to a server manages to get adminis trative permissions to resources.92. Which problem is the most difficult to contend with? a. Malicious insider threat b. Fraggle attack c. Distributed denial-of-service d. Whaling Grade:1 User Responses:a. Malicious insider threat Feedback:a. Because the attacker already is inside the network with company knowledge, a malicious insider threat is the most difficult to contend with.93. What type of attack can DNS poisoning lead to? a. Whaling b. Pharming c. Spear phishing d. Privilege escalation Grade:0User Responses:c. Spear phishing Feedback:a. Pharming attacks lead users from a legitimate website to a malicious twin. The easiest way to do this is to poison the DNS cache so that the DNS server sends them to the malicious site.94. Strong input validation can help prevent ____________________. a. bluesnarfing b. SQL injection c. session highjacking d. header manipulation Grade:0 User Responses:c. session highjacking Feedback:a. SQL injection attacks user input in web forms that is not correctly filtered. This can be prevented with input validations.95. LDAP injection is an attack on __________________servers. . SQL b. directory c. web d. email Grade:1 User Responses:b. directory Feedback:a. Lightweight Directory Access Protocol is a protocol used to maintain a directory of information such as user accounts or other types of objects.96. XML injection can be prevented with __________________. a. IDS b. IPS c. input validation d. complex passwords Grade:0 User Responses:d. complex passwords Feedback:a. The best way to protect against this (and all code injection techniques for that matter) is to incorporate strong input validation.97. The .. / attack is also known as ________________. a. irectory traversal b. SQL injection c. session highjacking d. header manipulation Grade:1 User Responses:a. directory traversal Feedback:a. Directory traversal, or the .. / (dot dot slash) attack is a method to access unauthorized parent (or worse, root) directories.98. ___________ __ is when commands and command syntax are entered into an application or OS. a. Directory traversal b. Command injection c. Command highjacking d. Code manipulation Grade:1 User Responses:b. Command injection Feedback:a. Command injection is when commands and command syntax are entered into an application or OS.99. Buffer overflows operate against the _________ of the computer. a. NIC b. disk c. CPU d. memory Grade:1 User Responses:d. memory Feedback:a. A buffer overflow is when a process stores data outside of the memory that the developer intended.100. What is the difference between an XSS and XSRF attack? a. The XSS attack exploits the trust a user’s browser has in a website, whereas the XSFR attack exploits the trust that a website has in a user’s browser. b. The XSFR attack exploits the trust a user’s browser has in a website, whereas the XSS attack exploits the trust that a website has in a user’s browser. . The XSS attack creates a buffer overflow on the website, whereas the XSFR attack creates a buffer overflow on the client. d. The XSS attack creates a buffer overflow on the client, whereas the XSFR attack creates a buffer overflow on the website. Grade:1 User Responses:a. The XSS attack exploits the trust a user’s browser has in a website, whereas the XSFR attack exploits the trust that a website has in a user’s browser. Feedback:a. The XSS attack exploits the trust a user’s browser has in a website. The converse of this: the XSRF attack exploits the trust that a website has in a user’s browser. In this attack (also known as a one-click attack), the user’s browser is compromised and transmits unauthorized commands to the website.101. _______________ are placed by programmers, knowingly or inadvertently, to bypass normal authentication and other security mechanisms in place. a. Landing spots b. Backdoors c. Hotspots d. Code heels Grade:1 User Responses:b. Backdoors Feedback:a. Backdoors a re placed by programmers, knowingly or inadvertently, to bypass normal authentication and other security mechanisms in place.102. An XSS attack is also called a(n) __________________ attack. a. Zero day b. Command injection . Xmas d. Cross site scripting Grade:1 User Responses:d. Cross site scripting Feedback:a. XSS attacks, also called cross site scripting attacks, exploit the trust a user’s browser has in a website through code injection, often in webforms.103. ______________can be used by spyware and can track people without their permission. a. MAC addresses b. Cookies c. IP addresses d. Attachments Grade:1 User Responses:b. Cookies Feedback:a. Cookies are text files placed on the client computer that store information about it, which could include your computer’s browsing habits and possibly user credentials.104. Which of the following attachments is the riskiest to open? a.. exe b.. pdf c.. doc d.. txt Grade:1 User Responses:a.. exe Feedback:a. A . exe or executa ble file is one that contains a program that will do something, perhaps malicious to the computer.105. Stolen cookies can be used to launch a(n) ____________________. a. XSS attack b. SQL injection c. session highjack d. header manipulation Grade:1 User Responses:c. session highjack Feedback:a. Session cookies authenticate you to a server and can be used to highjack your session.106. Header manipulation alters information in ______________ headers. a. LDAP b. file c. HTTP . SQL Grade:1 User Responses:c. HTTP Feedback:a. Header manipulation alters information in HTTP headers and falsifies access.107. An ActiveX control is an example of a(n) _________________. a. cookie b. add-on c. cipher d. virus Grade:1 User Responses:b. add-on Feedback:a. You can enable and disable add-on programs such as ActiveX controls in the Programs tab by clicking the Manage add-ons button in Internet Explorer.108. When an attack targets an operating system vulnerability that is still unknown to the world in general, it is called a __________. a. P2P attack b. zero day attack c. whaling attack d. DDoS attack Grade:1User Responses:b. zero day attack Feedback:a. A zero day attack targets an operating system vulnerability that is still unknown to the world in general.109. __________________is a concept that refers to the monitoring of data in use, data in motion, and data at rest. a. DLP b. DHCP c. DEP d. DMS Grade:1 User Responses:a. DLP Feedback:a. Data Loss Prevention (DLP) is a concept that refers to the monitoring of data in use, data in motion, and data at rest. It does this through content inspection and is designed to prevent unauthorized use of data as well as prevent the leakage of data outside the computer (or network) that it resides.110. Which form of DLP is typically installed in data centers or server rooms? a. Endpoint DLP b. Network DLP c. Storage DLP d. Comprehensive DLP Grade:1 User Responses:c. Storage DLP Feedback:a. Storage DLP systems are typically installed in data centers or server rooms as software that inspect data at rest.111. Which of the following is an example of drive encryption? a. AppLocker b. BitLocker c. Windows defender d. Trusted Platform Module Grade:1 User Responses:b. BitLocker Feedback:a. To encrypt an entire hard disk, you need some kind of full disk encryption software.Several are currently available on the market; one developed by Microsoft is called BitLocker.112. The beauty of hardware-based encryption devices such as HSM (and TPM) is that it is ____________ than software encryption. a. more difficult to crack b. easier to use than software encryption c. faster than software encryption d. can be used to calculate data other than encryption keys Grade:1 User Responses:c. faster than software encryption Feedback:a. Hardware security modules (HSMs) are physical devices that act as secure cryptoprocessors.This means that they are used for encryption during secure login/authentication processes, during digital signings of da ta, and for payment security systems. The beauty of hardware-based encryption devices such as HSM (and TPM) is that it is faster than software encryption.113. A _________________ is a chip residing on the motherboard that actually stores the encrypted keys. a. DLP b. DHCP c. DEP d. TPM Grade:1 User Responses:d. TPM Feedback:a. A Trusted Platform Module (TPM) chip is one residing on the motherboard that actually stores the encrypted keys.114. Which of the following is NOT required to encrypt the entire disk in Windows?Choose all that apply. a. TPM chip or USB key b. A hard drive with two volumes c. HSM Module d. Cryptoprocessor Grade:2 User Responses:c. HSM Module,d. Cryptoprocessor Feedback:a. Hardware security modules (HSMs) are physical devices that act as secure cryptoprocessors; however, they are NOT a part of encrypting the entire disk in Windows. /b. Hardware security modules (HSMs) are physical devices that act as secure cryptoprocessors; however, they are NOT a part of encry pting the entire disk in Windows.115. Probably the most important security concern with cloud computing is _______________. . less secure connections b. loss of physical control of data c. weak authentication d. bug exploitation Grade:1 User Responses:b. loss of physical control of data Feedback:a. Probably the most important security control concern is the physical control of data that is lost when an organization makes use of cloud computing.116. Which of the following is NOT a solution to security issues surrounding cloud computing? a. Complex passwords b. Strong authentication methods c. Standardization of programming d. Multiple firewalls Grade:1 User Responses:d. Multiple firewalls Feedback:a. Solutions to these security issues include complex passwords, strong authentication methods, encryption, and standardization of programming.117. Which form of DLP is typically installed on individual computers? a. Endpoint DLP b. Network DLP c. Storage DLP d. Comprehensive DLP Grade:1 Us er Responses:a. Endpoint DLP Feedback:a. Endpoint DLP systems run on an individual computer and are usually software-based. They monitor data in use such as email communications and can control what information flows between various users.118. Where could you disable the use of removable media on a computer? a. Device manager . BIOS c. Control panel d. Programs and features Grade:1 User Responses:b. BIOS Feedback:a. BIOS settings can be used to reduce the risk of infiltration including disabling removable media including the floppy drives and eSATA and USB ports.119. What are two shortcomings of using BitLocker drive encryption? a. Weak encryption b. Expensive c. Performance suffers d. Shorter drive life Grade:2 User Responses:c. Performance suffers,d. Shorter drive life Feedback:a. A drive encrypted with BitLocker usually suffers in performance compared to a nonencrypted drive and could have a shorter shelf life as well. /b. A drive encrypted with BitLocker usually suffers in perfo rmance compared to a nonencrypted drive and could have a shorter shelf life as well.120. Which form of DLP is typically installed on the perimeter of the network? a. Endpoint DLP b. Network DLP c. Storage DLP d. Comprehensive DLP Grade:1 User Responses:b. Network DLP Feedback:a. Network DLP systems can be software or hardware solutions that are often installed on the perimeter of the network. They inspect data that is in motion.121. Software as a service (SaaS) is a type of _____________ computing. a. HSM b. cloud c. role-based d. TPM Grade:1 User Responses:b. cloudFeedback:a. Software as a Service (SaaS) is the most commonly used and recognized example of cloud computing. SaaS is when users access applications over the Internet that are provided by a third party.122. Which form of DLP inspects ONLY data in motion? a. Endpoint DLP b. Network DLP c. Storage DLP d. Comprehensive DLP Grade:1 User Responses:b. Network DLP Feedback:a. Network DLP systems can be software or hardware solut ions that are often installed on the perimeter of the network. They inspect data that is in motion.123. Which of the following is NOT an example of cloud services? a. SaaS b. IaaS c. PaaS d. BaaS Grade:1User Responses:d. BaaS Feedback:a. Examples of cloud services include Software as a Service (SaaS), Infrastructure as a Service (IaaS), and Platform as a Service (PaaS).124. When an electronic control suffers an error, reports the error, and shuts down, it is called_____________. a. Failopen b. Failsafe c. Failclose d. Failshut Grade:1 User Responses:b. Failsafe Feedback:a. When the control fails and shuts down, it is a failsafe. When it fails and leaves a vulnerable system, it is a failopen.125. What should be the first thing you check when an intrusion has been detected? a. Firewall logs b. Server logs c. Workstation logs d.Security patches Grade:1 User Responses:a. Firewall logs Feedback:a. Logging is also important when it comes to a firewall. Firewall logs should be the first th ing you check when an intrusion has been detected. You should know how to access the logs and how to read them.126. Which log on a Windows server is where you could learn if Joe logged in today? a. Applications b. System c. Security d. DNS Grade:1 User Responses:c. Security Feedback:a. The security log contains entries about logins and access to resources both successful and unsuccessful.127. Which of the following is NOT an example of physical security? a. Mantraps b.Security logs c. Video surveillance d. Hardware locks Grade:1 User Responses:b. Security logs Feedback:a. Security logs track activities on the network which is logical not physical security.128. Which of the following is NOT a type of door lock? a. Cipher b. Keyed c. Cardkey d. Mantrap Grade:1 User Responses:d. Mantrap Feedback:a. A mantrap is a two door system designed to prevent tailgating.129. Which of the following is NOT an example of operating system hardening? a. Disabling unnecessary services b. Removing the N IC c. Protecting management interfaces d. Password protection Grade:1 User Responses:b. Removing the NIC Feedback:a.Hardening the system should not reduce its functionality, and removing the NIC would do that.130. Which of the following standards is often referred to as port-based security? a. 802. 1x b. 802. 11 c. 802. 11n d. 802. 1 Grade:1 User Responses:a. 802. 1x Feedback:a. 802. 1x enforces perimeter security by keeping the port of the station closed until authentication is complete.131. In which type of monitoring is network traffic analyzed for predetermined attack patterns? a. Signature-based monitoring b. Anomaly-based monitoring c. Behavior-based monitoring d. Reactive-based monitoring Grade:1 User Responses:a. Signature-based monitoringFeedback:a. Network traffic is analyzed for predetermined attack patterns. These attack patterns are known as signatures.132. A(n) __________________ uses baseline reporting and other analyses to discover vulnerabilities and weaknesses in s ystems. a. NAT b. SPA c. SLA d. PSK Grade:1 User Responses:b. SPA Feedback:a. The security posture can be defined as the risk level to which a system, or other technology element, is exposed. Security Posture Assessments (SPA) use baseline reporting and other analyses to discover vulnerabilities and weaknesses in systems.133. Which of the following indicate a problem currently occurring? . Trends b. Baselines c. Alarms d. Averts Grade:1 User Responses:c. Alarms Feedback:a. Although alerts indicate an issue that MAY need attention, alarms indicate a problem currently occurring.134. Which of the following are detection controls? (Choose all that apply. ) a. IDS b. IPS c. Video cameras d. Security guard Grade:2 User Responses:a. IDS,c. Video cameras Feedback:a. Detection controls, such as Intrusion Detection systems and video cameras record only activity; they do not prevent it. /b. Detection controls, such as Intrusion Detection systems and video cameras record only activity; they do not prevent it.135. Which of the following is designed to prevent tailgating? a. Mantraps b. Security logs c. Video surveillance d. Hardware locks Grade:1 User Responses:a. Mantraps Feedback:a. Mantraps use double doors to prevent tailgating.136. Which of the following is a proximity reader? a. a security card that transmits the location of the holder b. a device that tracks how close an individual is c. a security card reader that can read the card from a distance d. a card reader that locks the door when the holder is a certain distance from the door Grade:1 User Responses:c. security card reader that can read the card from a distance Feedback:a. These cards use radio waves to transmit to the reader.137. By frequently updating systems and by employing other methods such as group policies and baselining, you _____________ the systems. a. brace b. harden c. virtualize d. hardline Grade:1 User Responses:b. harden Feedback:a. By frequently updating systems and by employing other metho ds such as group policies and baselining, you harden the system.138. Installing service packs is a part of the ___________ process. a. baselining b. hardening c. scaling . security templating Grade:1 User Responses:b. hardening Feedback:a. Hardening the OS is accomplished through the use of service packs, patch management, hotfixes, group policies, security templates, and configuration baselines.139. ______________ can be described as unauthorized WAPs that inadvertently enable access to secure networks. a. Rogue access points b. Evil twin c. War driver d. Phisher Grade:1 User Responses:a. Rogue access points Feedback:a. Rogue access points can be described as unauthorized wireless access points/routers that enable access to secure networks.They differ from an Evil twin in that an Evil twin is strategically placed for the purpose of accessing the network or performing a high jacking attack, whereas rogue access points generally may be placed by employees for their convenience.140. W hich wireless attacks include the introduction of radio interference? a. Rogue Access Point b. Evil twin c. War driver d. Bluesnarfing Grade:1 User Responses:b. Evil twin Feedback:a. The evil twin attack includes jamming the network to cause the stations to associate with the evil twin AP.141. When executing the Evil twin attack, what value must match on the Evil twin and the legitimate AP? . IP address b. SSID c. MAC address d. Admin password Grade:1 User Responses:b. SSID Feedback:a. The Evil twin attack includes jamming the network to cause the stations to associate with the Evil twin AP. The stations will not roam to the Evil twin unless the SSID is the same as the legitimate AP.142. ________________ is when a person attempts to access a wireless network, usually while driving in a vehicle. a. War chalking b. Radiophishing c. War driving d. Bluesnarfing Grade:1 User Responses:c. War driving Feedback:a. War driving is when a person attempts to access a wireless

The Use of Web Bugs at Home Connection Case Study

The Use of Web Bugs at Home Connection - Case Study Example The web bugs have been placed on the personal computers of the subscribers of HomeConnection to gather results about an ongoing promotion. This has however been done without neither informing nor obtaining the consent of the subscribers (Josang, Maseng & Knapskog, 2009). The subscribers have a right to opt out of the company’s arrangement since it infringes on their rights by disclosing their activities (Spinello, 2002). They also have the right to refuse the web bug installation into their web pages since it could end up divulging information to intruders. The internet has a lot of criminals who are out to acquire vital personal information for the purpose of stealing finances and performing other dubious activities (Chander, Gelman & Radin, 2008). The company should have taken the initiative of informing the subscribers concerning their placement of the web bugs on their web sites. These actions would have prevented the company from receiving the complaints and threats of wi thdrawal they had experienced after their customers received knowledge concerning their activities and information being monitored (Spinello, 2002). The subscribers have additionally not been bound by any form of agreement that allows the company to intrude into their personal information and therefore have the liberty of opting out of this arrangement (Josang, Maseng & Knapskog, 2009).3Should a person displaying the ads agree to the web bug he should place a statement on his or her web site indicating that persons clicking on the ad.

Advise Barry, Edna and Gwen of their rights Essay

Advise Barry, Edna and Gwen of their rights - Essay Example The following day Les took the title deeds to a cottage he owned in Southport and wrote on them ‘All this now belongs to Edna’. In July 2009, Les was diagnosed with cancer. He said to his mistress, Gwen: ‘It is my dying wish, Gwen, that you should have my Knightsbridge penthouse apartment. Here are the keys to the apartment and to the deed box which is at my bank. Put them in your bag. My solicitor will sort out the details when I am dead.’ Advise Barry, Edna and Gwen who wish to know whether they are entitled as beneficiaries under completely constituted trusts of, respectively, (i) the watch, (ii) the shares and the cottage, and (iii) the Knightsbridge apartment. In order to advise the parties in the above, it is necessary to determine whether any of the bequests would be regarded as valid. When determining the validity it is necessary to ensure that the dispositions have been fully constituted. Within the law of trusts and bequests certain formalities have to be adhered to in order for the trust document and will to be regarded as valid. As there is no indication in relation to the age and mental status of Lee it will be assumed, in this instance, that the requirements of the Family Law Reform Act 1969 s1(1) have been satisfied. Where a trust is created in a will, the courts will determine the validity by reference to the Wills Act 1837 s9 which was amended by Administration of Justice Act 1982 s. 17. With all bequests, the three certainties need to be present in order for the bequest to be fully constituted. The three certainties are certainty of intention1, certainty of subject matter2 and certainty of objects3. Intention can be inferred from the wording in the will, and it is therefore important to ensure clarity when making a will. The case or Re Kayford demonstrates that the word trust does not need to be included in the wording of the will in order for the

Mashup, remix, fandom, intertextuality, music simulacrum Essay

Mashup, remix, fandom, intertextuality, music simulacrum - Essay Example Mashup is a music term that refers to skilful blending of two or more songs to achieve a new coherent composition, usually featuring various music genres. Another terms for a mashup are blend, bootleg, smashup, bastard pop, powermix, cutup and crossover. David J. Gunkel, Aram Sinnreich, Michele H. Jackson, Brian Lamb and Liam McGranaham are some of the authors who have written elaborate and scientific publications on the mashup culture. Although the term first appeared in the Oxford English Dictionary in 2000, the history of mashups is debatable. While the notion of a mashup as a 21st century novelty appears viable, the roots of a mashup can be traced to the early 20th century. The installation of Marcel Duchamp’s Bicycle Wheel in1913 where he combined a stool with a bicycle wheel was a physical symbol for mashup (Levay 22). A mashup is â€Å"a fun and adventurous way to make something fresh out of something stale† (Gaylor web). Music mashup characteristics are addition ally attributed to musicque concrete, a form of music which evolved in the 1940s, where compositions were not limited to sounds from musical instruments (McLeod 81). The music community have come to a strong consensus on the origin of a mashup. They agree that part of the remix culture (Mashup) originated from Jamaica in the early 1950s Arguably, a remix is an umbrella term encompassing mashup among other music compositions. It is when Jamaican selectors or disc-jockeys composed first metatexts by playing live a series of records in the same key, tempo or theme. This gave grounds for the emergence of hip hop DJs several decades later (Brewster and Broughton 254; Levay 22) Ironically, these roots seem to contradict Sinnreich’s observation that a mashup is associated with white European logic as opposed to the Afro-diasporic hip-hop genre (Sinnreich 195-9). The fact remains that mashup, despite its Jamaican foundations, first gained major popularity in the United Kingdom. The f irst mashup that gained widespread media attention and broke into the mainstream across the UK was done by The Freelance Hellraiser in 2001. His â€Å"A Stroke of Genie-us† combined Christina Aguilera’s â€Å"Genie in a Bottle† and The Strokes’ â€Å"Hard to Explain.† While a mashup can be done manually, the most common production of mashups occurs digitally. Among the most common software are Ableton Live and Sony’s Acid Pro. They let both professionals and bedroom producers to join a vocal section from one piece with an instrumental section of another to produce one stereo track, which is the basic element of a mashup. Since at present music is recorded using multi-track recording techniques, music labels sometimes release those tracks individually to encourage producers and DJs to create remixes thus contributing to the popularity of the original recording. Works Cited Aram Sinnreich, â€Å"Plus ca change’ or Paradigm shift?† University of Massachusetts Press. (2010), 193-208. Brewster, Bill  and Broughton, Frank. Last night a dj saved my life: the history of the disc jockey. New York: Grove Press, 1999. Print. David J. Gunkel, â€Å"Rethinking the digital remix: Mash-ups and the metaphysics of sound recording.† Popular Music and Society, 31/4 (2008), 489-510. Gaylor, Brett, dir.  RIP: A Remix Manifesto. 2008. Web. 25 Jan. 2012 . Jackson, Michele. " The Mash-Up: A New Archetype for Communicatio."  Journal of Comupter-Mediated Communication. 14. (2009): 730–734. Web. 25 Jan. 2012.   Lamb, Brian. "Dr. Mashup or, Why Educators Should Learn to Stop Worrying and Love the Remix."EDUCAUSE Review. 2004. Web. 25 Jan. 2012. . McGranahan, Liam. "Bastards and Booties: Production, Copyright, and the Mashup Community."  Revista Transcultural de Musica. 14. 2010. Web. 25 Jan. 2012.   Remix A remix refers to alternative version of a recorded song with added or

Literature class Essay Example | Topics and Well Written Essays - 500 words

Literature class - Essay Example This short story reflects Clarke’s attitude about coming from Barbados himself. Clarke was raised on the island, only to come to Toronto to find a whole new world, just like his narrator of â€Å"The Motor Car†. The sense of losing oneself in a new country, which has a different culture, was one of Clarke’s fears, which he expresses in this story. Unlike the narrator in â€Å"The Motor Car†, Clarke managed to move and keep his traditional values. â€Å"Hazel† by Carol Shields is a novel that any middle aged homemaker can relate with. After raising two daughters and being supported by her husband, Hazel’s life is changed forever when her husband dies. Hazel felt depressed and lonely, so decided to take a job. Her mother-n-law, best friend, and daughters were appalled. Hazel’s mother-n-law said â€Å"there is no need† (Shields). She felt that since Hazel was well provided for, that a job was not necessary. Maxine, Hazel’s best friend, said â€Å"your not the type† (Shields). Her daughters insisted their father would not have approved. What Hazel’s family and friends did not realize was Hazel needed her job. It might have been a nothing small job, but she needed to feel useful. People need a purpose in life. Hazel just happened to find hers in a job demonstrating pots and pans. Alistair Macleod’s â€Å"The Boat† is a story about the narrator’s sorrow regarding his father’s death. The sorrow expressed by the narrator was wrapped up in a boat. The boat symbolized tradition and a family bonding around working on it. In fact â€Å"Jenny Lynn had been my mother’s maiden name and the boat was called after her as another link in the chain of tradition† (Macleod). The narrator relates stories from every stage of his life by remembering times in the boat. The boat is the focal point of the narrator’s life. When he remembers his father, he remembers

Relationship LensEveryday Ethics Essay Example | Topics and Well Written Essays - 1000 words

Relationship LensEveryday Ethics - Essay Example This paper will use "Everyday Ethics" by Catharyn Baird as a guide to develop a personal ethical framework for the workplace. A number of ethical competencies need to be enhanced and developed in my profession. At the basic level it should involve anger management in order to avoid conflicts. Problems should be rectified in a smart and prudent manner. Further negative events in the workplace should be used as a stimulus to improve productivity and output. The ability of choosing how to live and work is called free will. We all decide on our own about how we will live our lives. Philosophers call this ability a gift of free will. The understanding of how to live our life is called self efficacy. This is another ethical competency that needs to be integrated in the workplace. As a professional I am answerable to the management, colleagues, and customers. I need to implement superior ethical principles which will assist in creating an efficient and effective work environment. In order to better handle our professional lives we should improve our self efficacy. Self efficacy is defined by Albert Bandura as an ability to handle different given types of performances. The people who have strong belief in their self efficacy will be ready to make choices in their lives according to the situation. They start believing that they are effective. With knowledge and learning our self efficacy can increase. In the event we find more satisfaction and we become effective ethical agents in our professional lives. Self efficacy helps to create superior relationships and associations with the stakeholders. Management, colleagues, and customers are the constituents to whom I am answerable. Workplace Integrity Integrity is about creating accountability and fairness in the workplace. This is accomplished through the pursuit of clear and precise objectives. I need to protect the information of the organization. It also means following honest and transparent procedures during work tasks and duties. Workplace Greatest Good The greatest good is achieved in the workplace by maintaining a balance between organizational interests and ethical dilemmas. I seek to create an ethical environment where the spirit of friendship, openness, and collaboration is promoted. Workplace Justice Justice inside the workplace should be implemented in a smart and prudent manner. It means that individuals should ensure that there is no discrimination or bias. As a professional, I seek to implement justice so that the work duties are distributed according to the skills and expertise of the workforce. Workplace Courage Workplace courage means that the employees should express their opinions and feedback in an open and constructive manner. I pursue these qualities in order to ensure the highest ethical and moral principles in the workplace. Future Perceptions and Career Different work situations can create cynicism in our minds and because of that self efficacy in our professional lives can become low. For example, if we are working in a manufacturing plant where we are only a part of system and not connected to our customers even in good times; we may start believing that we have no control over our economic lives. We feel

Introduction to Islam- Essay Example | Topics and Well Written Essays - 2250 words

Introduction to Islam- - Essay Example Seen in this context, Islam is a world religion that not only cherishes the man's relationship with God, but also encourages a self imposed discipline and a consideration for the rights and privileges of others. After the atrocities of September 11, many of us who are Muslim intellectuals living and working in North America made a discovery that deepened the horrors of that terrible day. We learned, to our intense dismay, that some of the Muslim organizations around us were getting their notions about Islam from Middle Eastern or South Asian preachers who preached a deeply illiberal "us against them" worldview and reviled the proposition that Muslims should learn the basic civic virtues and responsibilities of life in a free,. democratic, and a pluralist society (Sachedina 307). Never before the Islam was in a danger of being so grossly misinterpreted, by the Muslims and non Muslims throughout the Western world. The post 9/11 situation left the liberal Muslims in the developed world with a painful dilemma. Not only they found themselves to be the victims of the acts of hatred perpetrated by a small but intimidating section of the local population, but they also realized that the hardliners within their own community and throughout the world looked at them with suspicion and disgust. It left them with a predicament that urgently called for an intense catechism about their allegiance to their faith, their rights and duties as a citizen and their responsibilities as the devout Muslims in the countries adopted by them as their homeland.While projecting themselves as the authentic and legitimate champions of Islam," these preachers of intolerance continue to promote seclusion and mistrust (Sachedina 307)". The fundamentalist elements within the Muslim community are trying hard to project a picture of Islam that is incompatible with the contemporary ethos of democracy, tolerance and peaceful coexistence. They are bent upon unleashing a war of civilizations. Such an unhealthy trend gives way to many pertinent questions. Is Islam incompatible with the contemporary Western mores and values Do Muslims living in the Western world will have to make a choice between their faith or "basic civic virtues and responsibilities (Sachedina 307)" Has Islam got no message or relevance for the modern world and is anachronistic in a modern context Infact, any person, be it a Muslim or a non Muslim, who has a basic insight into and an understanding of the tenets of Islam is often surprised to find that Islam propagates a holistic attitude towards life that propagates and asserts the rights and duties of all the sections of the society, be it the women, the children, the aged, the physically challenged, the non Muslims, the capitalists, the laborers and the pe asants, the colored races, the intelligentsia and almost everybody. The issues and causes supported by feminism, the anti globalization movement, the

Analysis and Comparison of Iranian and American Management; the Cultural Dimensions and Values Essay Example for Free

Analysis and Comparison of Iranian and American Management; the Cultural Dimensions and Values Essay This report is aimed to represent a brief description of the Iranian management values today and compare the results with a developed country like Unites State. First it will give a description of some of the characteristics of Iran management and culture, then it is tried to categorize these characteristic base on Hofstedes Dimensions (1980) (power distance, avoiding uncertainty, masculinity/femininity, individualism/collectivism) and Flower’s dimensions, Flower 1975, (tribalistic, egocentric, conformist, manipulative, sociocentric, existential). In the next step will be presenting of relative information about United State and at the end the comparison between the results. Most parts of this report is focused on Iran management. IRAN The name ‘‘Iran’’ was used as early as the third century BC by a ruler who described his empire as Iran-shahr and himself as the ‘‘King of Kings’’. The country is highly diverse from every point of view, especially in topography and climate. The population of Iran is estimated at some 70 million, 12 million of which live in the capital Tehran and its suburbs. The official language of Iran is Persian (Farsi) which is an Indo-European language derived from Sanskrit. The country has one of the world’s most diverse ethnic groups ever assembled in one country: Persian (56 per cent), Turk (Azari) (24 per cent), Gilaki (8 per cent), Kurd (8 per cent), Lur, Baluch, Arab and Turkaman. The religious groups are Shiite Muslim, Sunni Muslim, Zoroastrian, Jewish, Christian and Bahaii. At the present, Iran is an Islamic republic, ruled according to a constitution providing for executive, legislative and judicial branches. The political system comprises both elected and un-elected institutions. Iran’s economy is a mixture of central planning, state ownership of oil, large enterprises, village agriculture, small-scale private trading and service ventures. All large industries and the majority of medium-scale enterprises are run by the public institutions particularly the foundations which were set up during the revolution. These entities own some 20 per cent of the country’s assets, and contribute 10 per cent of GDP (Khajehpour, 2000), however, they are generally mismanaged. Management in Iran Iranian management today is interesting firstly because the country is slowly opening up to the West after two decades of ignorance on the part of Westerners as to sides of life in Iran other than the political and religious aspects. Up till quite recently, the political discourse was dominated by the belligerent official language and images of mobs demonstrating in the streets against â€Å"the devils in the West†. Now after twenty years of austere clerical regime, the reform movement is gradually gaining momentum, especially among young people who have not known life before the Revolution. Secondly Iranian management is interesting because most people confound Iranians with Arabs, believing that what they learn about Arab countries is also valid for Iran, and this obviously is a misunderstanding. We begin our discussion with bringing some insights into Iranian society and its culture. Based on Hofstede’s findings (1980) Iran is classified in near Eastern cluster including Turkey and Greece. A more recent research found that Iran is part of the South Asian cultural cluster consisting of such countries as India, Thailand and Malaysia (Javidan and Dastmalchian, 2003). For a newcomer these findings may seem very different from the image of Iran as a predominant Islamic/Middle-Eastern country which is often confused with its neighbours. The point is that as a country situated in the Middle East, Iran has many commonalities with its neighbour Muslim countries; however, due to its unique historical, linguistic and racial identities it has a different and unique culture. Collectivism A very fundamental issue in every society is the priority given to interests of individuals versus those of collectivity. Hofstede (1980) views an individualistic society as one in which beliefs and behaviours are determined by the individual; whereas in a collectivistic society the attitudes are determined by loyalty towards one’s group. The manifestations of collectivism and social networking are very common in Iranian management. Personal connections and informal channels seem more practical, whereas formal systems, official institutions and procedures are considered less efficient and even bothering. As a direct result, Iranian society tends to perate rather on the basis of personal relationships among people, than on the basis of impersonal and mechanised institutions. The use of informal channels may imply bending rules and taking advantages to which one is not formally entitled. The popular Persian term for this practice and other forms of nepotism and favouritism is Partibazi, which is a common practice in Iranian organizations. For instance, it would not be unusual for Iranian managers to hire a relative or acquaintance for a job vacancy, even though they could easily employ a more competent but unknown worker. Collectivism has also a significant influence on the communication. An outcome of collectivism is the implicit and high-context communication in Iranian culture. Iranians from an early age learn to be careful about what they say and are advised to use an indirect language for expressing their intentions (Javidan and Dastmalchian, 2003). Persian language and literature are full of nuances and metaphors which should be interpreted in their context and cannot be taken at face value. A particular and very common form of indirect language in Iranian culture is Taarof which can be translated literally as politeness, but has a much more profound significance. In fact, Taarof implies a wide range of complicated and highly polite expressions/behaviours, which should not be interpreted literally. This kind of context-bound communication is very common in Iranian organizations in both written and oral forms. Power distance This orientation concerns the extent to which the less powerful members of a society expect and accept that power is distributed unequally. This orientation concerns the extent to which the less powerful members of a society expect and accept that power is distributed unequally. Results from Yeganeh and Zhan(2007) about ‘‘hierarchy’’ reflect the high degree of hierarchical distance among Iranian managers. Hofstede (1980) considers these characteristic as power distance in his research. The antecedents of this high hierarchical distance are deeply rooted in many aspects of Iranian mythology, history, politics, religion and family structure. Manifestations of high degree of hierarchical distance are various and numerous in Iranian management. A very clear example is the over-centralization of the capital Tehran. Despite the diversity and largeness of country, all administrative bodies and decision-makings are concentrated in the capital and other provinces should obey the resolutions. Other examples include top-down management, authoritarian decision-making (Javidan and Dastmalchian, 2003) and hierarchical structure of reward systems. For instance, there is considerable gap between compensation packages intended for people working at the top of organization and those working at entry levels. Managers consider it normal that people at higher levels have more privileges than those at lower levels. An outcome of hierarchical distance, combined with effects of collectivism and family-orientation is the dominance of paternalism in Iranian organizations, which is encouraged also by Islamic virtues. Schramm-Nielsen and Faradonbeh (2002) reported that Iranian employees expected superiors to help them in a variety of issues such as financial problems, wedding expenses, purchasing of new homes, illness in the family, education of children and even marital disputes. Past-orientation Results from Yeganeh and Zhan (2007) indicate Iranian managers tend to be past- rather than future-oriented. The orientation toward past may be crystallized in honouring indigenous managerial styles and their underlying foundations. After the revolution of 1979, there was much emphasis on substitution of modern/western management by traditional/Islamic work-related principles. Therefore, Iranian executives were urged to realign their managerial styles and practices to religious, social and political values of revolutionary ideology. Not surprisingly, most of these managerial styles were not based on rationality and progress, but on old-fashioned and obsolete views which were not efficient and practical. The past orientation can be manifested also in terms of neglecting plans or setting short-time horizon and also relative high uncertainty avoidance. High uncertainty avoidance means that members of the society feel uncomfortable with uncertainty and ambiguity and thus support beliefs that promise certainty and conformity. Activity orientation (being versus doing) According to Yeganeh and Zhan(2007) , ‘‘Activity Orientation’’ corresponds to masculinity dimension as described by Hofstede (1980). It is argued that in a ‘‘Doing’’ culture, people tend to view work activities as core to their existence, and they attach much importance to achievement and hard work. In contrast, in ‘‘Being’’ cultures peace of mind is cherished and emphasis is placed on immediate and unplanned actions. In reality, it is possible to witness demonstration of both ‘‘Being’’ and ‘‘Doing’’ orientations in Iranian society. For instance, a good deal of Persian literature is devoted to peace of mind, pleasure and frugality. Moreover, affected by Islamic culture, Iranians tend to view the world as an ephemeral step which does not worth hard work and which should be considered as a transitional phase toward eternal life and salvation. While these manifestations correspond to ‘‘Being’’ orientation, Iranians are known also for ‘‘Masculine’’ qualities such as individual achiever (Javidan and Dastmalchian, 2003), militant, hard-working and efficient. Bargaining Whereas doing business always means trying to negotiate the best deal in terms of price and related conditions anywhere in the world, this does not normally in the Western world extend to everyday little purchases. The bargaining represents a tradition that goes back thousands of years. According to this tradition the choice of dealer or business relation is an important one. The tradition is also that you bargain with your usual suppliers. The Western custom of shopping around for the best price and the best conditions is not well accepted. The obvious reason is that it breaks with the golden rule of trust. It takes time to build up a relationship based on trust, and so you need to have a long-term strategy and a lot of patience. Uncertainty avoidance High uncertainty avoidance means that members of a society feel uncomfortable with uncertainty and ambiguity and thus support beliefs that promise certainty and conformity (Daft 2003). According to Ali and Amirshahi (2002) results, the primary values of Iranian Managers are conformist. Flower’s dimensions Based on a research by Alishahi (2002) which was conducted through istributing twenty-two hundred questionnaires to a random sample of Iranian managers, the primary values of Iranian managers are conformist, sociocentric. Indeed, the outer-directed values (conformist, sociocentric, and tribalistic) are relatively dominant. This result may have its roots in the political and cultural reality. Since the Islamic revolution, Islamic values have been propagated. The emphasis has been on achievement and human dignity and on societal causes, rather than on personal material gains, in alleviating internal problems. Both dimensions reinforce conformity and sociocentric attitudes without discounting the existential outlook and personal growth. The Islamic regime constantly reminds the public about the outside threat and the need to sacrifice personal gains for the sake of society. In addition, the core philosophy of the regime is that the poor and unfortunate segments of the society must have access to political and economic opportunities. It should be mentioned too that the current Islamic regime condones both conformity and sociocentric outlooks. In an era of transition, managers may seek to avoid uncertainty by going along with the public pronouncements of the regime. Nevertheless, certain values differ across some variables, such as size of organization, ownership, managerial position, and father’s occupation. For example, manipulative managers were found in larger organizations and in the private sector. A typical manipulative manager relies on building a network of friends and supporters, and on careful political manoeuvres. Large corporations in Iran were public or had been nationalized after the revolution. Both have experienced profound restructuring in terms of power distribution and economic partnership. Perhaps this situation created opportunities for a new allegiance to seize power and gain influence. Sociocentric value is found among lower-level managers and those with peasant, working class, and clergy origins. Those with working and lower class origins, therefore, may have developed an awareness of the enormous social differences, and may nurture the feeling of belonging to â€Å"social classes† that have little or nothing in common with upper social classes. Perhaps this in turn creates a commitment to humanistic and community causes and strengthens the desire for a just society. United State management American culture is characterized by high individualism with loosely knit social frameworks. In individualistic societies, people are supposed to take care of themselves and their immediate families. Since individualism is high in the United States, work and accomplishments are viewed as person-centred. Thus, issues of individual meritocracy and perceptions of fairness are likely to be more pronounced among American employees. Materialism, according to Abdu K. (2004), conveys the idea that being affluent, prosperous and rich should be encouraged and suggests that a certain product or service will make the user well off. However, the simplistic approach, like in the USA, conveys the â€Å"just enough idea,† which emphasizes ego needs and self-actualization, rather than just material comfort. Pluralism refers to the degree to which national culture fosters simultaneous coexistence of different ethnic groups with strong identities. In a low pluralism culture, minority groups are completely absorbed by the dominant culture. The minority groups either completely replace their identities with those of the dominant culture, or retain weaker cultural linkages with the dominant cultural group. High pluralism on the other hand characterizes simultaneous coexistence of diverse ethnic groups with strong identities. Both Iranian and American culture is non-pluralistic or ethnocentric. Ethnocentrism means that people have a tendency to regard their own culture as superior and to downgrade other cultures. In both countries cultural differences are unified into a coherent, universal work culture. Diverse groups are absorbed into the mainstream work culture to create uniform work norms, beliefs and values. In such a non-pluralistic culture, minority communities have weak identities and legitimacy. Thus, the in-group–out-group ideology may not be as prominent in non-pluralistic cultures as in pluralistic culture. Rather than compete with minority cultures, the dominant culture aims at absorbing the minority cultures. Ethnocentrism within a country makes it difficult for foreign firms to operate. Based on a research by Alishahi (2002), prevailing dominant values in the U. S. are, (egocentric, manipulative, and existential; 60% inner-directed). United state is characterized by low power distance a relatively high tolerance for uncertainty and emphasizes shared power and authority, with team members working on a variety of problems without formal guidelines, rules, and structure. Many workers in Iran expect organizations to be hierarchy.