61 Cards in this Set
- Front
- Back
Which of the following attacks can be mitigated by port security? IP spoofing; DNS poisoning; MAC spoofing; MAC flooding |
MAC spoofing and MAC flooding |
|
Which organization provides incident response? NIST; OWASP; CSIRT; ITIL |
Computer Security Incident Response Team (CSIRT) |
|
Which tool is a System Integrity Verifier? Snort; ZoneAlarm; Nessus; Tripwire |
Tripwire |
|
Network Protocol uses SMB Signing? Port scanner: discover open ports; Vulnerability scanner: discover network problems; Sniffer: capture password hashes; Network mapper: discover OS used |
Sniffer used to capture password hashes |
|
Key components of the Common Criteria evaluation system? Security assurance levels; Protection profiles; Security functional requirements; Evaluation assurance levels |
Protection profiles; Evaluation assurance levels |
|
Purpose of the WebGoat application? Probes network for security issues; Demonstrates common server-side security flaws; Acts as a honeypot for network DMZ; Responds to SYN flood |
Demonstrates common server-side security flaws |
|
Purpose of analyzing interrupts within a piece of software? Ensure critical data is not changed on the system; Test access controls; Validate the design; Determine if secure coding principles were followed |
Ensure critical data is not changed on the system |
|
What is RDP in a demilitarized zone (DMZ)? |
Remote Desktop Protocol |
|
Factorization |
Decomposing a value into a product of other values; common for cracking RSA encryption. |
|
Protocol or standard formats information in XML? CORBA |
Simple Object Access Protocol (SOAP) |
|
Goals of key escrow agreements? Enhance the security of private keys; Provide 3rd party access to data; Facilitate recovery operations; Enhance the security of public keys |
Provide 3rd party access to data; Facilitate recovery operations |
|
What is true about a TCP connect scan with Nmap? Can detect three port states: open, closed, filtered; Sends packet with FIN flag set; Very easy to detect on the computer or device being scanned; Sends packet with no flags on |
Very easy to detect on the computer or device being scanned |
|
What does a security audit evaluate? Security readiness; Adherence of company to its security policy; Execution of the security plan; Adherence of company policy to industry standards |
Adherence of a company to its security policy |
|
Example of symmetric encryption? Static WEP key; Private key; Public key; File hash |
Static Wireless Equivalent Privacy WEP Key |
|
Uses 160 bits for encryption? SHA1; SHA2; SHA3; MD5 |
SHA1 |
|
Purpose of scanning from the internet while tunneling the scan through SSH? Scan will complete faster; Scan devices that allow SSH connections; Scan will gather more complete information; Will allow the scan to evade border sensor |
Will allow the scan to evade border sensor |
|
Which best describes a blackjack attack? A mobile app to gain access to internal networks; A mobile app to gain access to BlackBerry Enterprise Server (BES); Using BES to block mobile app installation; Using BES to limit rights of mobile apps |
A mobile app to gain access to internal networks |
|
Which ISO standard describes audit and certifications? 27002; 27006; 27001; 27005 |
ISO 27006 outlines how to best secure a large ISO-compliant org. |
|
What does EFS stand for? |
Encryption File System |
|
What does EFS provide? File and folder encryption; File-level security; Automatic error recovery; Drive encryption |
File and folder encryption |
|
Which statements are true about the program ipfwadm? Program written for Windows; Replaced by the program ipchains; Has additional code that filters for fragments; Controls the packet filter or firewall capabilities |
Replaced by the program ipchains; Controls the packet filter or firewall capabilities |
|
Where did iptables come from? |
ipfwadm to ipchains to iptables |
|
Destination address of 0xFFFFFFFFFFFF? Layer 2 broadcast frame; Layer 3 network ID; Layer 2 network ID; Layer 3 broadcast address |
Layer 2 broadcast frame |
|
Which component in the PKI issues certificates? CA; RA; VA; CPS |
(CA) Certificate Authority |
|
Which types of attacks can be mitigated with port security? IP spoofing; DNS poisoning; MAC spoofing; MAC flooding |
MAC spoofing; MAC flooding |
|
Key components of the Common Criteria evaluation system? Security assurance levels; Protection profiles; Security functional requirements; Evaluation assurance levels |
Protection profiles; Evaluation assurance levels |
|
Tool to identify out-of-date software, missing patches, system upgrades? Penetration test; Network sniffer; Vulnerability scanner; IDS |
Vulnerability scanner |
|
Purpose of the WebGoat application? Probes your network for security issues; Demonstrates common server-side security flaws; Acts as a honeypot in the network DMZ; Responds to SYN flood attacks |
Demonstrates common server-side security flaws |
|
Purpose of analyzing the interrupts within a piece of software? Ensure critical data is not changed on the system; Test the access controls; Validate the design; Determine if secure coding principles were followed |
To ensure critical data is not changed on the system |
|
RDP |
Remote Desktop Protocol |
|
Term for two numbers that can be multiplied together to equal a given starting value? Factorization; Derivation; Trapdooring; Hashing |
Factorization |
|
Using Netcat to send TCP between 2 Linux hosts, which command keeps the connection open? Wait; Echo; Yes; Tar |
Yes |
|
Name the process: Identify all resources on a target system; Rank resources based on their importance; Identify the potential threats to each resource; Determine a mitigation strategy to handle threats |
Vulnerability assessment |
|
False statement regarding Network Address Translation (NAT)? PAT uses a many-to-one mapping; Dynamic NAT uses a many-to-many mapping; Static NAT uses a one-to-one mapping; Static NAT uses a one-to-many mapping |
Static NAT uses a one-to-many mapping |
|
Which biometric scan focuses on the colored portion of the user's eye? Iris; Retina; Corneal; Facial recognition |
Iris |
|
Not a threat because of a missing security patch? Copying sensitive data to a USB drive; Exposure of sensitive files; Improper access to databases; Exposure of passwords |
Copying sensitive data to a USB drive |
|
How to prevent those outside the network from using Traceroute? |
Add a rule to: Allow ICMP Echo-Request and Echo-Reply messages for connections originating from within; Allow ICMP Fragmentation-DF-Set messages to enter but not leave; Allow TTL-Exceed and Port-Unreachable messages to only leave but not enter. |
|
Where to go to view previous web site versions? Whois.org; Archive.org; Review the logs for the web server; It is not possible to retrieve the old code |
Archive.org |
|
Not a component of risk assessment? Logical safeguards; Security awareness training; Administrative safeguards; Physical safeguards |
Security awareness training |
|
These rules mitigate what type of attack: Sensitive data encrypted; Interactive logon privileges are restricted; Services run as unprivileged accounts; Users and applications operate with the least privileges? Trojan software; Privilege escalation; Phishing attacks; DoS attack |
Privilege escalation |
|
Which protocol formats info in XML? CORBA; SOAP |
SOAP |
|
Which is a possible mitigation to the use of fragroute by an attacker? Expression matching; Host-based IDS on the exposed system; SPAN; RSPAN |
Host-based IDS on the exposed system |
|
fragroute |
tool used to intercept, modify, and rewrite egress traffic destined for the specified host in such a way that the NIDS cannot recognize the attack signatures. |
|
Which two of the following are goals of key escrow agreements? Enhance the security of private keys; Provide 3rd party access to data; Facilitate recovery operations; Enhance the security of public keys |
Provide 3rd party access to data; Facilitate recovery operations |
|
Which statement is true regarding an Nmap TCP connect scan? Can detect 3 port states: open, closed, filtered; Sends a packet with only the FIN flag set in the TCP header; Very easy to detect on the computer or device being scanned; Sends a packet with no flags switched on in the TCP header |
Very easy to detect on the computer or device being scanned. |
|
Which scenario needs segregation of duties? User allowed to install his own software and attach hardware; Sales group both creates marketing and edits; Network admin issues RFID cards and reviews door logs; IT techs have passwords of 5 characters, while users have passwords of 12 characters |
Network admin issues RFID cards and reviews door logs |
|
Which of the following does a security audit evaluate? Security readiness of the organization; Adherence of company to its security policy; Execution of the security plan; Adherence of company to its security policy to industry standards |
Adherence of company to its security policy |
|
How to isolate communication for a group while improving overall performance? Deploy Bluetooth, and implement a PAN; Deploy a switch, and implement a VLAN; Deploy 802.11g, and implement a WLAN; Deploy 802.11b, and implement a WLAN |
Deploy a switch, and implement a VLAN |
|
Which is an example of symmetric encryption? Static WEP key; Private key; Public key; File hash |
Static WEP key |
|
Which uses 160-bit encryption? SHA1; SHA2; SHA3; MD5 |
SHA1 |
|
Why scan a network via the internet while tunneling through SSH? The scan will complete faster; It will scan devices that allow SSH connections; The scan will gather more complete information; It will allow the scan to evade border sensor |
It will allow the scan to evade border sensor |
|
Which of the following uses a rule-based access model? NTFS permissions; Routers; Hubs; US military |
Routers |
|
Working remotely, what does EFS provide? File and folder encryption; File-level security; Automatic error recovery; Drive encryption |
File and folder encryption |
|
What does an attacker's use of a TOR proxy provide? Packet fragmentation; Location anonymity; Overlapping fragments; Payload obscurity |
Location anonymity |
|
Which statements are true of the program ipfwadm? It is a program written for Windows; It was replaced by the program ipchains; It has additional code that filters for fragmented packets; It controls the packet filter or firewall capabilities |
It was replaced by the program ipchains; It controls the packet filter or firewall capabilities |
|
Which wireless encryption mechanism uses AES? WEP; WPA; WPA2; LEAP |
WPA2 |
|
Result of the following attack: Obtained a valid session ID token via an XSS vulnerability; Confirmed that the session ID manager validates the source IP address and spoofed the required IP address; Replayed the session ID |
Will be unable to establish an interactive session |
|
What is the broadcast address for subnet 191.43.164.0/22? 191.43.164.255; 191.43.255.255; 191.43.167.255; 191.43.165.255 |
191.43.167.255 |
|
C++ command to break down data length when the buffer of 65536 is reached? >= 65536; <= 65536; > 65536; == 65536 |
>= 65536 |
|
Which WLAN security measures could be easily defeated with the use of a wireless sniffer? (multiple choices) MAC address filters; 802.11i; Hidden SSID; EAP-TTLS; WPA2 Enterprise |
MAC address filters; Hidden SSID |
|
What type of encryption does the Syskey utility utilize? RC2; RC4; RC5; RC6 |
RC4 |