3ed 4 Flashcards

Terms Definitions
elements of privacy
Securities Act of '33
Frequent signature updates are required by which of the following security applications? (Select TWO). A. Antivirus B. PGP C. Firewall D. PKI E. IDS
Why is certificate expiration important? A. Renewing the log files will keep it from getting too large. B. If given sufficient time, brute force techniques will probably break the key. C. It will use more processing power when the encryption key is u
attacker records communication session and replays some or all later
A collection of suggestions that should be implemented
A decentralized open source federated identity management system that does not require specific software to be installed on the desktop.
A virtual server implementation attack that affects the: A. OS kernel will affect all virtual instances. B. disk partition will affect all virtual instances C. system registry will affect all virtual instances. D. RAM will affect all virtual instances
The security committee at your organization is presently debating which certificate format to use for PKI. One of the managers states that he sees no reason not to use the certificate format supported by the International Telecommunications Union (ITU), a
Which of the following properly describes penetration testing? A. Penetration tests are generally used to scan the network and identify open ports B. Penetration tests are generally used to map the network and grab banners. C. Penetration tests are generally
____ are the strongest (and the costliest) form of authentication

The company Chief Information Officer (CIO) contacts the security administrator about an email
asking for money in order to receive the key that would decrypt the source code that the attacker
stole and encrypted. Which of the following malware types
D. Ransomware
Which of the following VPN implementations consists of taking IPv6 security features and porting them to IPv4?
Compliance officer
An individual accountable for monitoring adherence to laws and regulations.
later version, attacked local network computers more frequently
Which of the following is commonly used in a distributed denial of service (DDOS) attack?
Which of the following will propagate itself without any user interaction?
QUESTION NO: 141 An administrator does not want anyone to VPN from inside the network to a remote office or network. Which of the following protocols should be blocked outbound on the network? A. TPM B. OVAL C. SNMP D. ISAKMP
Answer: D
QUESTION NO: 186 Using an asymmetric key cryptography system, where can a technician generate the key pairs? A. A certificate authority B. IETF C. A key escrow service D. A recovery agent
Answer: A
job rotation
The process of periodically moving individuals from one job responsibility to another.
Remember ACID: Atomic (all or nothing), Consistent (always obeys constraints), Isolated (transactions are serialized), Durable (transactions are not lost)
How can you monitor the online activities of a user? A. Viruses will permit monitoring of online activities. B. Spyware will permit monitoring of online activities. C. Logic bomb will permit monitoring of online activities. D. Worms will permit monit
Which of the following BEST describes external security testing? A. Conducted from outside the perimeter switch but inside the firewall B. Conducted from outside the building that hosts the organization's servers C. Conducted from outside the organizati
A technician notices delays in mail delivery on the mail server. Which of the following tools could be used to determine the cause of the service degradation? A. Port scanner B. Performance monitor C. ipconfig /all D. TFTP
An administrator wants to obtain a view of the type of attacks that are being targeted against the network perimeter. The recommended placement of a NIDS would be: A. inside the proxy. B. inside the DMZ. C. outside the proxy. D. outside the firewall. E
A company is addressing backup and recovery issues. The company is looking for a compromise between speed of backup and speed of recovery. Which of the following is the BEST recommendation? A. Full backups every day B. Daily differential backups C. Ful
Security templates are used for which of the following purposes? (Select TWO) A. To ensure that email is encrypted by users of PGP B. To ensure that PKI will work properly within the company's trust model C. To ensure that performance is standardized across al
An administrator wants to block users from accessing a few inappropriate websites as soon as possible. The existing firewall allows blocking by IP address. To achieve this goal the administrator will need to: A. upgrade to a DNS based filter to achieve the
Access control lists (ACLs) can be configured on router interfaces for inbound and outbound packets. Which of the following choices isn’t typically configured in an ACL? Answer a. Source and/or destination IP address b.
Which of the following tools will allow the technician to find all open ports on the network? A. Performance monitor B. Protocol analyzer C. Router ACL D. Network scanner
A malware incident has just been detected within a company. Which of the following should be the administrator's FIRST response? A. Removal B. Containment C. Recovery D. Monitor
Which service is provided by message authentication codes? A. You make use of message authentication codes to provide the Key recovery service. B. You make use of message authentication codes to provide the Fault recovery service. C. You make use of m
Key Distribution Center (KDC)
An organization/facility that generates keys for users
What type of intrusion detection system might automatically break a connection or shut down a server in response to an intrusion?
Active detection

Which of the following malicious programs compromises system security by exploiting system
access through a virtual backdoor?
A. Virus
B. Trojan
C. Spam
D. Adware
B. Trojan

Every company workstation contains the same software prior to being assigned to workers. Which
of the following software options would give remote users the needed protection from outside
attackers when they are outside of the company's internal netwo
C. Personal firewall
The MOST common exploits of Internet-exposed network services are due to:
buffer overflows
The process of increasing the security of an operating system from its normally installed state is called:
Which of the following access decisions are based on a Mandatory Access Control (MAC) environment?
Sensitivity labels
A network device that can read communications traffic on a local area network (LAN).
Sustainability is our ability to meet current needs without harming the environmental, economic, and societal systems on which future generations will rely for meeting their needs. It does not mean we must surrender our lifestyle by living in the cold and dark; nor does it mean building a hut in the woods where local lumber can be used. It simply means using resources wisely. Embracing values of sustainability ensures that decisions made and actions taken today do not hinder the existence of future generations.
TOE security functions, set of all hardware, software, and firmware needed for enforcement of policy
Which of the following requires an update to the baseline after installing new software on a machine?
Behavior-based HIDS
data backups
The process of copying information to a different media and storing it at an offsite location so that it can be used in the event of a disaster.
QUESTION NO: 152 Which of the following is the BEST process of removing PII data from a disk drive before reuse? A. Destruction B. Sanitization C. Reformatting D. Degaussing
Answer: B
QUESTION NO: 123 Which of the following is the BEST tool for allowing users to go to approved business-related websites only? A. Internet content filter B. Firewall C. ACL D. Caching server
Answer: A
QUESTION NO: 124 Which of the following is a security trait of a virtual machine? A. Provides additional resources for testing B. Provides real-time access to all system processes C. Provides a read-only area for executing code D. Provides a restricted environ
Answer: D
A device that makes an appeal for access.
maintenance bypass
need this to replace UPS battery.
Which of the following is a security threat when a new network device is configured for first-time installation? A. Attacker privilege escalation B. Installation of a back door C. Denial of Service (DoS) D. Use of default passwords
Users do not want to enter credentials to each server or application to conduct their normal work. Which of the following type of strategies will resolve this issue? A. Smart card B. Two-factor authentication C. Biometrics D. SSO
A passive response is the most common type of response to a number of intrusions. Which of the following is not a passive response strategy? A. Shunning B. Deception C. Notification D. Logging E. All of the Above
What can be used for credit card information theft? (Choose TWO) A. A Worm will permit credit card theft. B. A SPIM will permit credit card theft. C. An Adware will permit credit card theft. D. A Phishing will permit credit card theft. E. A Virus wi
What network device can you use to prevent a desktop computer on the network from promiscuously sniffing the packets of other computers on the same subnetwork? Answer a. Firewall b. Switch c. Modem d.
Which of the following systems is BEST to use when monitoring application activity and modification? A. RADIUS B. OVAL C. HIDS D. NIDS
While auditing a list of active user accounts, which of the following may be revealed? A. Accounts with weak passwords B. Passwords with dictionary words C. Passwords that are blank D. Accounts that need to be removed
Which of the following devices used in one of the three major types of security topologies, is a one-interface device? (A) Bastion host (B) Application gateway (C) Screened host gateway (D) Screened subnet gateway
Challenge Handshake Authentication Protocol (CHAP) AUTHENTICATION
CHAP is a username/password authentication scheme. 1. Client logs on. 2. The authenticating server sends a challenge message containing a random value. 3. The client encrypts the same value with the client password stored in its database. 4. The auth server encrypts the same value with the client password stored in its database. 5. If the two values match, the user is authenticated.
Common Criteria (CC)
A document of specifications detailing security evaluation methods for IT products and systems.
Which of the following terms describes a person who has gained legitimate access to a computer or network by providing a valid username and password?
Authenticated user

Which of the following concepts is applied FIRST when a user logs into a domain?
A. Virtualization
B. Non-repudiation
C. Authorization
D. Identification
D. Identification

Security related training should be used to teach the importance of which of the following
A. Routine audits
B. Data mining
C. Data handling
D. Cross-site scripting
A. Routine audits

Which of the following elements has the ability to hide a node's internal address from the public

Which of the following authentication models often requires different systems to function together
and is complicated to implement in non-homogeneous environments?
A. One factor authentication
B. Single sign-on
C. Two factor authentication
D. T
D. Three factor authentication
Which of the following is often bundled with freely downloaded software?
 A. Cookies
 B. Logic bomb
 C. Adware
 D. Spam
C. Adware
A person pretends to be a telecommunications repair technician, enters a building stating that there is a networking trouble work order and requests that a security guard unlock the wiring closet. The person connects a packet sniffer to the network swit
Social engineering
Digital assets
These are any digital materials owned by an organization including text, graphics, audio, video and animations.
stream cipher
convert one symbol of plain directly into cipher
Which of the following is the main objective of steganography?
Hide information
chain of custody
a process of documentation that shows that the evidence was under strict control at all times and no unauthorized individuals were given the opportunity to corrupt the evidence
A specific resource, such as a file or a hardware device.
authentication request
A request by a supplicant to an authenticator for access.
random key as long as message, provably unbreakable
One Time Pad
Which of the following is a way to logically separate a network through a switch? A. Spanning port B. Subnetting C. VLAN D. NAT
A user logs into their network with a smart card. Which of the following keys is used? A. Cipher key B. Shared key C. Public key D. Private key
differential backup
A type of backup that includes only new files or files that have changed since the last full backup. Differential backups differ from incremental backups in that they don’t clear the archive bit upon their completion.
Certificate Practice Statement (CPS)
The principles and procedures employed in the issuing and managing of certificates.
Which two encryption key lengths does SSL/TLS support?
40-bit and 128-bit

If an end-user forgets the password that encrypts the content of a critical hard drive, which of the
following would aid in recovery of the data?
A. Key escrow
B. Symmetric key
C. Certificate authority
D. Chain of custody
A. Key escrow

After completing a forensic image of a hard drive, which of the following can be used to confirm
data integrity?
A. Chain of custody
B. Image compression
C. AES256 encryption
D. SHA512 hash
D. SHA512 hash

Rainbow tables are primarily used to expose which of the following vulnerabilities?
A. Available ports
B. Weak encryption keys
C. Weak passwords
D. Available IP addresses
C. Weak passwords

Which of the following is an example of data obfuscation within a data stream?
A. Cryptography
B. Steganography
C. Hashing
D. Fuzzing
A. Cryptography
Which of the following needs to be backed up on a domain controller to be able to recover Active Directory?
System state
Which of the following ports are typically used by email clients? (select TWO)
1.  143
2.  110
Giving each user or group of users only the access they need to do their jobs is an example of which of the following security principles?
Least Privilege
Flat network
A network with little or no controls that limit network traffic.
Humidity Ratio/Absolute Humidity/Specific Humidity/w
Ratio of weight of moisture compared to weight of air; measure of actual amt of present water
Romans 8:35-39
I cannot be separated from the love of God.
During a risk assessment it is discovered that only one system administrator is assigned several tasks critical to continuity of operations. It is recommended to cross train other system administrators to perform these tasks and mitigate which of the foll
Single point of failure
access mask
A 32 bit value in a Windows access control entry that specifies the rights that are allowed or denied and is also used to request access rights.
Extensible Authentication Protocol (EAP)
An "envelope" that can carry many different kinds of exchange data used for authentication, such as a challenge/response and one-time passwords.
A user is going to dispose of some old hard drives. Which of the following should the user do to the drives before disposing of them? A. Reformat the hard drives once. B. Use a certified wipe program to erase data C. Install antivirus on the drives D. Run ant
Biba model
A model similar in concept to the Bell La-Padula model but more concerned with information integrity (an area the Bell La-Padula model doesn’t address). In this model, there is no write up or read down. If you’re assigned access to top-secret information, you can’t read secret information or write to any level higher than the level to which you’re authorized. This model keeps higher-level information pure by preventing less-reliable information from being intermixed with it.
demilitarized zone (DMZ)
An area for placing web and other servers that serve the general public outside the firewall, therefore, isolating them from internal network access.
What should security administrators do before implementing a wireless network?
Conduct a thorough site survey.

Which of the following is BEST used to change common settings for a large number of deployed
A. Group policies
B. Hotfixes
C. Configuration baselines
D. Security templates
A. Group policies

A technician reports that an employee that retired five years ago still has access to the marketing
department's folders. Which of the following should have been conducted to avoid this security
A. Job rotation review
B. Separation of duti
D. Regular user access review
Which of the following types of servers should be placed on a private network?
File and print server
A user is assigned access rights explicitly. This is a feature of which of the following access control models?
Discretionary Access Control (DAC)
Data Loss Prevention (DLP)
A formal program that reduces the likelihood of accidental or malicious loss of data; may also stand for “Data Leakage Protection.”
11 classes of requirements given by cc corresponding to types of security requirements
(D)denial of service
Rule Based Access Control (RBAC)
An access control model that can dynamically assign roles to subjects based on a set of rules defined by a custodian.
how to handle customer data
order placed on machine stored in memory encrypted with PK from internal trusted network and stored to unix data storage where webserver in DMZ has write but not read privilege
Which of the following attacks could be the most successful when the security technology is properly implemented and configured? A. Logical attacks B. Physical attacks C. Trojan Horse attacks D. Social Engineering attacks E. None of the Above
D. Social Engineering attacks: in computer security systems, this type of attack is usually the most successful, especially when the security technology is properly implemented and configured. Usually, these attacks rely on the faults in human beings. An example of a social engineering attack has a hacker impersonating a network service technician. The serviceman approaches a low-level employee and requests their password for network servicing purposes. When using smartcards instead of passwords, this type of attack is a bit more difficult. Most people would not trust an impersonator wishing to have their smartcard and PIN for service purposes. Logical, physical and Trojan horse attacks are often much less successful when security is properly implemented on a network.
Which would be the best source of information regarding the Annualized Rate of Occurrence (ARO) for a risk?
An insurance company. Insurance companies thrive on risk analysis and would therefore be your best bet for finding the annualized rate of occurrence for a risk.

A technician visits a customer site which prohibits portable data storage devices. Which of the
following items would be prohibited? (Select TWO).
A. USB Memory key
B. Bluetooth-enabled cellular phones
C. Wireless network detectors
D. Key card
A. USB Memory key
B. Bluetooth-enabled cellular phones
The risks of social engineering can be decreased by implementing: (Select TWO)
1.  Security awareness training
2.  Identity verification methods
drive file slack (drive slack)
Data from the deleted portions of a program that is used tofill up the last cluster on a disk.
In a RADIUS architecture, which of the following acts as a client? A. A Network Access Server B. The end user C. The authentication server D. All of the Above E. None of the Above
A. A Network Access Server (NAS) operates as a client of RADIUS. The client is responsible for passing user information to a designated RADIUS server, and then acting on the response, which is returned. RADIUS uses a centralized database, simplifying password management. The end user's computer does not make the RADIUS request. The NAS makes the request after receiving the network connection request from the end user.
Which type of attack attempts to destroy availability by preventing a system from handling normal, legitimate requests for data?
DoS (Denial of Service) attack. DoS attacks don't attempt to steal data or gain unauthorized access. They just try to prevent other people from gaining access to a system.

An administrator wants to crack passwords on a server with an account lockout policy. Which of
the following would allow this without locking accounts?
A. Try guessing passwords slow enough to reset the bad count interval.
B. Try guessing passwor

C. Copy the password file offline and perform the attack on it.
Part of the backup media security includes: (select three)
1.  labeling each tape
2. storing all tapes in a safe location
3.  scrubbing data from old tapes before disposing of the tapes.
Which of the following actions should be performed upon discovering an unauthorized wireless access point attached to a network?
Unplug the Ethernet cable from the wireless access point.
Which of the following represents the best method for securing a web browser? A. Do not upgrade, as new versions tend to have more security flaws. B. Disable any unused features of the web browser. C. Connect to the Internet using only a VPN (Virtual P
B. Features that make web surfing more exciting like ActiveX, Java, JavaScript, CGI scripts, and cookies all pose security concerns. Disabling them (which is as easy as setting your browser security level to High) is the best method of securing a web browser, since it's simple, secure, and within every user's reach.
User Mary has Allow Read and Allow Write permissions to FileA through her membership in the Accountants group. She has Deny Read permissions to FileA through her individual user account. What is Mary's effective permission on FileA?
Mary has no access to FileA.

Which of the following is provided at a cold site?
A. Fully operational equipment and installed network equipment
B. Live redundant computers, network connections and UPS
C. Active network jacks
D. New equipment ready to be installed
D. New equipment ready to be installed
SEC v Ralston Purina- whether the particular class of investor needs the protection?
(public v private) 1. the number of offerees and their relationship w/ each other and the sponsor 2. the number of sec's offered 3. the size of the offering 4. the manner of the offering
Why are clocks used in a Kerberos authentication system? A. To ensure proper connections. B. To ensure tickets expire correctly. C. To generate the seed value for the encryption keys. D. To benchmark and set the optimal encryption algorithm.
B. The actual verification of a client's identity is done by validating an authenticator. The authenticator contains the client's identity and a timestamp. To ensure that the authenticator is up-to-date and is not an old one that has been captured by an attacker, the timestamp in the authenticator is checked against the current time. If the timestamp is not close enough to the current time (typically within five minutes) then the authenticator is rejected as invalid. Thus, Kerberos requires your system clocks to be loosely synchronized (the default is 5 minutes, but it can be adjusted in Version 5 to be whatever you want). Reference: http://www.faqs.org/faqs/kerberos-faq/general/section-22.html

A technician would MOST likely use a vulnerability scanner instead of a port scanner when which
of the following is required?
A. A list of filtered ports
B. More information about the services
C. Only a list of open ports
D. A faster, less comp
C. Only a list of open ports
To aid in preventing the execution of malicious code in email clients, which of the following should be done by the email administrator?
Spam and anti-virus filters should be used
What is a program that can infect other programs by modifying them to include a version of it called? A. Replicator B. Virus C. Trojan horse D. Logic bomb
B. A virus can do many things and including itself in a program is one of them. A virus is a program intended to damage a computer system. Reference: Mike Pastore and Emmett Dulaney, Security+ Study Guide, 2nd Edition, Alameda, Sybex, 2004, p 533

Which of the following defines the role of a root certificate authority (CA) in PKI?
A. The root CA is the recovery agent used to encrypt data when a user's certificate is lost.
B. The CA stores the user's hash value for safekeeping.
C. The CA is
C. The CA is the trusted root that issues certificates.
What is the best way to harden a custom application that's developed in-house?
Make sure that security is given due consideration at each step in the development process