I am secure Flashcards

Terms Definitions
RTU
Roof top unit
Assigning proper security permissions to files and folders is the primary method of mitigating which of the following?
Trojan
When conducting an environmental security assessment, which of the following items should be included in the assessment? (Select THREE). A. HVAC B. Card access system C. Off-site data storage D. Logical access E. Utilities F. Fire detection
A,E,F
cryptosystem
system for encryption and decryption
policy
A document that outlines specific requirements or rules that must be met.
attack on DMZ indicates
untrustworthy admin, faulty software, external firewall failure
What model assigns sensitivity labels to users and their data? A. You should identify the Discretionary Access Control (DAC) access control model. B. You should identify the Role Based Access Control (RBAC) access control model. C. You should identify
C
Determine the access control model where users are assigned access rights based on their function within the organization? A. This is a feature of Discretionary Access Control (DAC). B. This is a feature of Rule Based Access Control (RBAC). C. This is
C
Which type of backup includes all files created or modified since the last full backup and does not turn off the archive bit? Answer a. Differential b. Grandfather c. Standard d. Incremental
B
An administrator from the central office calls in a panic. He relays that he has heard from a reliable source that the company is about to be the target of a smurf attack, and he wants all sites to be aware of the potential problems. Which of the followin
C
Which of the following allows attackers to gain control over the web camera of a system? A. ActiveX component B. SQL injection C. Cross-site scripting D. XML
A
Which of the following encryption algorithms relies on the inability to factor large prime numbers? A. Elliptic Curve B. AES256 C. RSA D. SHA-1
C
____ contains the suggestions and procedures for monitoring access and authentication processes in your systems, and secures the log files and records of these efforts.
Auditing

Which of the following behavior-based security appliances are used to prevent suspicious activity
from entering the network?
 
A. Antivirus
B. IPS
C. HDS
D. IDS
D. IDS
A security administrator tasked with confining sensitive data traffic to a specific subnet would do so by manipulating privilege policy based tables in the network's:
Router
Procedure
A written statement describing the steps required to implement a process.
eal
evaluation assurance level, level of certification sought
A malware incident has just been detected within a company. Which of the following should be the administrator’s FIRST response?
Containment
Which of the following redundancy solutions contains hardware systems similar to the affected organization, but does not provide live data?
Warm site
QUESTION NO: 182 Sending a patch through a testing and approval process is an example of which of the following? A. Disaster planning B. Change management C. Acceptable use policies D. User education and awareness training
Answer: B
privilege management
Process of assigning and revoking privileges to objects and covers the procedures of managing object authorizations.
remote-access VPN
A user-to-LAN virtual private network connection used by remote users.
benefits of salt
can't see duplicates, increases difficulty against dictionary attacks, impossible to find out if a password on one system corresponds with another.
Which of the following access control methods relies on user security clearance and data classification? A. RBAC (Role Based Access Control). B. NDAC (Non-Discretionary Access Control). C. MAC (Mandatory Access Control). D. DAC (Discretionary Access C
C
An administrator is worried about an attacker using a compromised user account to gain administrator access to a system. Which of the following is this an example of? A. Man-in-the-middle attack B. Protocol analysis C. Privilege escalation D. Cross-s
C
A small call center business decided to install an email system to facilitate communications in the office. As part of the upgrade the vendor offered to supply anti-malware software for a cost of $5,000 per year. The IT manager read there was a 90% chance
D
A flat or simple role-based access control (RBAC) embodies which of the following principles? A. Users assigned to roles, permissions are assigned to groups, controls applied to groups and permissions acquired by controls B. Users assigned permissions, roles
D
A company needs to have multiple servers running low CPU utilization applications. Which of the following is the MOST cost efficient method for accomplishing this? A. Install multiple high end servers, sharing a clustered network operating system. B. Instal
C
What is the common term used to describe a hacker using a lookup tool and gaining access to a DNS server? Answer a. DNS poisoning b. DNS footprinting c. DNS spoofing d. DDoS
B
Which technology allows you to segment or group users that have similar data sensitivity levels together and thereby increase security? (A) Virtual local area network (VLAN) (B) Network address translation (NAT) (C) Tunneling (D) None of the above
A
Kerberos authentication
Kerberos authentication is based on a time-sensitive ticket granting system. 1. User logs on to the domain. 2. User requests a Ticket Granting Ticket (TGT) from the authenticating server. 3. The auth server responds with a time-stamped TGT. 4. The user presents the TGT back to the auth server and requests a service ticket to access a specific resource. 5. The auth server responds with a service ticket. 6. The user presents the service ticket to the resource. 7. The resource authenticates the user and allows access.
clustering
A method of balancing loads and providing fault tolerance.
A disgruntled customer calls the Customer Support department of an online business, demanding that his password be changed because the system will not accept the password he originally entered. To keep the customer happy, the operator changes the password
Social engineering

A security administrator is setting up a corporate wireless network using WPA2 with CCMP but
does not want to use PSK for authentication. Which of the following could be used to support
802.1x authentication?
 


A. LDAP
B. RADIUS
C. Kerberos
C. Kerberos

Which of the following algorithms provides the LOWEST level of encryption?
 
A. SHA1
B. Blowfish
C. DES

D. AES
C. DES
 

Which of the following environmental variables reduces the potential for static discharges?
 
A. EMI
B. Temperature
C. UPS
D. Humidity
D. Humidity
Kerberos uses which of the following ports by default?
88
Non-repudiation is enforced by which of the following?
Digital signatures
Policy framework
A structure for organizing policies, standards, procedures, and guidelines.
sec (3)(b) of '33 Act
small issue exemption
packet sniffer
detects patterns of identifiers in request stream and blocks msgs in pattern
A technician needs to detect staff members that are connecting to an unauthorized website. Which of the following could be used?
Protocol analyzer
dry chemical system
A stationary fire suppression system that disperses a fine, dry powder over a fire.
QUESTION NO: 157 Accessing a system or application using permissions from another user's account is a form of which of the following? A. Phishing B. Domain kiting C. ARP spoofing D. Privilege escalation
Answer: D
QUESTION NO: 145 Which of the following is true about ECC algorithms? A. It is the algorithm used in PGP. B. It is implemented in portable devices. C. It is a private key algorithm. D. It is CPU intensive.
Answer: B
QUESTION NO: 132 A company wants to host public servers on a new network. These servers will include a website and mail server. Which of the following should be implemented on the network to isolate these public hosts from the rest of the network? A. IPv6 B. IPS
Answer: C
QUESTION NO: 176 Which of the following allows for notification when a hacking attempt is discovered? A. NAT B. NIDS C. Netflow D. Protocol analyzer
Answer: B
anomaly-based monitoring
A process for detecting attacks by observing statistical anomalies.
white-pages service
An X.500 service that provides the capability to look up information by name.
Authenticity
The ability to verify the source of data, messages, etc. (This is really origin integrity.)
Which of the following is the MOST likely to generate static electricity? A. Low humidity and high temperature B. High humidity and low temperature C. Low humidity and low temperature D. High humidity and high temperature
A
Which of the following can an attacker use to gather information on a system without having a user ID or password? A. NAT B. DNS poisoning C. Null session D. Spoofing
C
What access control model is a Windows file server an example of? A. It is an example of a Discretionary Access Control (DAC) model. B. It is an example of a Role Based Access Control (RBAC) model. C. It is an example of a Mandatory Access Control (MAC)
A
You receive an e-mail to reset the online banking username and password. When you attempt to access the link the URL appearing in the browser does not match the link. What is this known as? A. This situation is known as redirecting. B. This situation is
D
The system administrator is responsible for access privileges in the ____ access control model
MAC (Mandatory Access Control)
man-in-the-middle attack
An attack focused on the encryption algorithm itself, the key mechanism, or any potential area of weakness in the algorithm.

When WPA is implemented using PSK, which of the following authentication types is used?
 
A. MD5

B. LEAP
C. SHA
D. TKIP
D. TKIP

Which of the following logical controls does a flood guard protect against?
 
A. Spanning tree
B. Xmas attacks
C. Botnet attack
D. SYN attacks
D. SYN attacks

Which of the following is BEST suited to detect local operating system compromises?
 
A. Personal firewall
B. HIDS
C. Anti-spam
D. System log
B. HIDS

Which of the following uses a trusted third party key distribution center authentication tokens?
 
A. LDAP
B. Kerberos
C. CHAP
D. TACACS
B. Kerberos

Which of the following tools can execute a ping sweep?
 
A. Protocol analyzer
B. Anti-virus scanner
C. Network mapper
D. Password cracker

C. Network mapper

Which of the following allows a user's private IP address to be displayed as the firewall IP address
when browsing the Internet?
 
A. DHCP
B. NAT
C. Dual-homed
D. Screened subnet
B. NAT
A user has a sensitive message that needs to be sent via email. The message needs to be protected from interception. Which of the following should be used when sending the email?
Encryption
Which of the following would be an example of a high-availability disk technology?
RAID
Data encryption
when data is encrypted, the actual information can be viewed only when the data is decrypted
Gong, Needham and Yahalom
2 types of belief logics
A technician wants to regulate and deny traffic to websites that contain information on hacking. Which of the following would be the BEST solution to deploy?
Internet content filter
security policy
A written document that states how an organization plans to protect the company's information technology assets.
security identifier (SID)
An entry in Windows access control that is a unique number issued to the user for security.
Global data overflow defenses
Defenses: non executable or random global data region, move function pointers, guard pages
Which of the following is an item most likely to be addressed in an Acceptable Use Policy? A. Acceptable password length B. Security measures users are expected to follow C. Schedule of testing D. Authority and conditions for monitoring user activities
B
All of the following are steps in the incident response process EXCEPT: A. eradication. B. repudiation. C. recovery. D. containment.
B
File Transfer Protocol (FTP)
TCP/IP and software that permit transferring files between computer systems and utilize clear-text passwords. Because FTP has been implemented on numerous types of computer systems, files can be transferred between disparate computer systems (for example, a personal computer and a minicomputer). See also Transmission Control Protocol/Internet Protocol (TCP/IP).
What is the most overlooked element of security management?
Security awareness

Which of the following allows a systems administrator to regain lost keys within a PKI?
 
A. Recovery agent
B. One time pad
C. CRL
D. Asymmetric keys
A. Recovery agent

Which of the following would be used to eliminate the need for an administrator to manually
configure passwords on each network device in a large LAN?
 
A. RADIUS
B. OVAL
C. RAS
D. IPSec VPN
A. RADIUS

Which of the following helps prevent a system from being fingerprinted?
 
A. Personal firewall
B. Complex passwords
C. Anti-spam software
D. OS patching
A. Personal firewall

Management has requested increased visibility into how threats might affect their organization.
Which of the following would be the BEST way to meet their request without attempting to exploit
those risks?
 
A. Conduct a penetration test.
B. Condu
B. Conduct a risk assessment.

A CRL is comprised of:
 
A. malicious IP addresses
B. trusted CA's.
C. untrusted private keys.
D. public keys.
C. untrusted private keys.

Which of the following policies defines how to handle certain types of data?
 
A. Change management policy
B. Acceptable use policy
C. Separation of duties
D. Secure disposal of computers
B. Acceptable use policy

Which of the following would be used for authentication in Active Directory?
 
A. TACACS
B. RAS
C. PPTP
D. Kerberos
D. Kerberos
When reviewing traces from an IDS the following entries are observed: Date       Time        Source IP     Destination IP           Port          Type10/21   0900 192.1683, (etc).  What of the following is MOST likel
Port scanning
On a Windows host, which of the following event logs would contain failed logons?
Security Logs
Detective control
it is a manual security control that identifies a behavior after it has happened
Specific Volume/v
Volume per unit mass of the air sample; ft3/lb of dry air
Section 12 - antifraud provisions
Oral or written misstatements of material facts or omissions of material facts are prohibited to keep statements from being misleading
symmetric server cluster
A technology in which every server in the cluster performs useful work and if one server fails the remaining servers absorb the load
deadbolt lock
A lock that extends a solid metal bar into the door frame for extra security.
Extended Authentication Protocol—MD5 (EAP MD5)
An authentication protocol that allows a RADIUS server to authenticate devices by verifying a hash of each user’s password.
Which of the following password generators is based on challenge-response mechanisms? A. asynchronous B. synchronous C. cryptographic keys D. smart cards
A. An asynchronous password generator has an authentication server that generates a challenge (a large number or string) which is encrypted with the private key of the token device and has that token device's public key so it can verify authenticity of the request (which is independent from the time factor). That challenge can also include a hash of transmitted data, so not only can the authentication be assured, but also the data integrity.
Internet Group Management Protocol (IGMP)
A protocol used for multicasting operations across the Internet.
Bell-LaPadula model
A model designed for the military to address the storage and protection of classified information. This model is specifically designed to prevent unauthorized access to classified information. The model prevents the user from accessing information that has a higher security rating than they are authorized to access. It also prevents information from being written to a lower level of security.
While examining network protocols enabled on network interface cards on servers and clients throughout an organization, a security administrator finds that most have far more active protocols than seem necessary for the network. What, if anything, should
Check for dependencies, and then disable all unnecessary protocols on all computers.

Exploitation of security vulnerabilities is used during assessments when which of the following is
true?
 
A. Security testers have clear and written authorization to conduct vulnerability scans.
B. Security testers are trying to document vulnerabi
D. Security testers have clear and written authorization to conduct penetration testing.

Which of the following is the MOST efficient way to secure a single laptop from an external attack?
 
A. NIPS
B. HIDS
C. Software firewall
D. Hardware firewall
C. Software firewall
A honeypot is used for:
allow administrators a chance to observe an attack.
Information security risk assessment
A formal process to identify threats, potential attacks, and impacts to an organization.
2 Timothy 1:7
I have not been given a spirit of timidity, but of power, love, and discipline.
access control list (ACL)
A set of permissions that is attached to an object.
privileged libraries
if a library is going to be priv, we must statically link it so we know what it is and can account for it in the enviro vars. Enumerating goodness.
Role Based Access Control (RBAC)
In RBAC, users are assigned to pre-defined roles, and network objects are configured to allow access only to specific roles. Roles are created independent of user accounts.
Ensuring that a message sent across a network is not intercepted and altered in transit is an example of what security goal?
Integrity. Confidentiality is about preventing unauthorized disclosure. Ensuring that data is true, accurate, and has not been falsified comes under data integrity.
Providing false information about the source of a message or attack is a form of what?
IP spoofing involves forging the source IP address in a packet to hide the actual source of that packet.

A NIDS monitoring traffic on the public-side of a firewall provides which of the following?
 
A. Faster alerting to internal compromises
B. Intelligence about external threats
C. Protection of the external firewall interface
D. Prevention of malic
B. Intelligence about external threats
Which of the following problems will MOST likely occur if an HTML-based email has a mislabeled MIME type, exe attachment?
the executable can automatically execute
A security specialist is reviewing writable FTP directories and observes several files that violate the company's security policy. In addition to checking the FTP server, the specialist should:
Contain the affected system, review logs for other compromises and report the situation.
NTLM (New Technology LAN Manager) hash
A more secure format for storing Windows passwords that is considered very strong.
Which of the following is a drawback of Network-based IDSs?A. It is very costly to set up.B. It is not effective.C. It cannot analyze encrypted information.D. It is very costly to manage.E. All of the Above
C. Network-based IDSs cannot analyze encrypted information. This problem is increasing as more organizations (and attackers) use virtual private networks. Most network-based IDSs cannot tell whether or not an attack was successful; they can only discern that an attack was initiated. This means that after a network-based IDS detects an attack, administrators must manually investigate each attacked host to determine whether it was indeed penetrated.
Which two techniques allow an attacker to fingerprint a computer's operating system?
Malicious port scanning, ICMP message quoting.

Which of the following situations applies to disaster recovery exercises?
 
A. Vulnerability scans should be performed after each exercise.
B. Separation of duties should be implemented after each exercise.
C. Passwords should be changed after each
D. Procedures should be updated after each exercise.
Which of the following would be considered a detrimental effect of a virus hoax? (select TWO)
1.  Technical support resources are consumed by increased user calls.
 
2.  Users are tricked into changing the system configuration.
Which of the following may be an indication of a possible system compromise?
A performance monitor indicates a recent and ongoing drop in speed, disk space or memory utilization from the baseline.
You are the network administrator at Certkiller.com. During a routine site audit of Certkiller's wireless network, you discover an unauthorized Access Point under the desk of a Sales department user. When questioned, she denies any knowledge of it, but in
E. Social engineering is a process where an attacker attempts to acquire information about your network and system by talking to people in the organization. A social engineering attack may occur over the phone, by e-mail, or by a visit. Reference: Mike Pastore and Emmett Dulaney, Security+ Study Guide, 2nd Edition, Alameda, Sybex, 2004, p 87
What would be the most effective way to prevent hackers from finding open ports and services to exploit when they scan your system?
Uninstall or disable all unused services and protocols

A new application support technician is unable to install a new approved security application on a
departmental's workstation. The security administrator needs to do which of the following?
 
A. Add that user to the local power users group
B. Add t
B. Add that user to the domain administrators group
{k}R(k) { { h ( M ) }S(k^-1) {M} } k
private key ring
What is an attack whereby two different messages using the same hash function produce a common message digest known as?A. man in the middle attack.B. ciphertext only attack.C. birthday attack.D. brute force attack.
C. A birthday attack is based on the principle that amongst 23 people, the probability of 2 of them having the same birthday is greater than 50%. By that rationale, if an attacker examines the hashes of an entire organization's passwords, they'll come up with some common denominators.

A user is concerned about threats regarding social engineering and has asked the IT department
for advice. One suggestion offered might be to:
 
A. install a removable data backup device for portability ease.
B. verify the integrity of all data tha
C. ensure that passwords are not named after relatives.
Which of the following should be done if an audit recording fails in an information system?
Send an alert to the appropriate personnel
Which of the following is a DoS (Denial of Service) attack that exploits TCP's (Transmission Control Protocol) three-way handshake for new connections? A. SYN (Synchronize) flood. B. ping of death attack. C. land attack. D. buffer overflow attack. E.
A. The SYN flood attack works when a source system floods an end system with TCP SYN requests, but intentionally does not send out acknowledgements (ACK). Since TCP needs confirmation, the receiving computer is stuck with half-open TCP sessions, just waiting for acknowledgement so it can reset the port. Meanwhile the connection buffer is being overflowed, making it difficult or impossible for valid users to connect, therefore their service is denied.

Which of the following is a benefit of network access control (NAC)?
A. A user is able to distribute connections to the network for load balancing using a centralized list
of approved devices.
B. A user is able to distribute connections to the networ
C. A user is able to control connections to the network using a centralized list of approved devices.

The primary purpose of a hot site is to ensure which of the following?
 
A. Recovery of operations within 30 days after a disaster



B. Transition of operations in a short time period in a disaster
 
C. Adequate HVAC to meet environmental init
B. Transition of operations in a short time period in a disaster