Reading...
Play button
Play button
Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
200 Cards in this Set
- Front
- Back
|
Given: John is a network administrator. he advised the server administrator of his company to implement whitlisting, blacklisting, closing open relays and strong authentication techiques.
Which threat is being addressed? |
Spam
|
|
|
why do security researchers often use virtual machines?
|
To offer an enviroment where malware can be executed with minimal risk to equipment and software.
|
|
|
Which threat is increasted by the availability of protable external storage such as USB hard drives to networks?
|
Removal of sensitive and PII data.
|
|
|
Virtualized applications such as virtualized browers, can protect the underlying operating system from which the the following?
|
Malware installation from suspect Internet sites.
|
|
|
Which description is correct about the application of string of code that could not automatically spread from one system to another but is designed to spread from file to file?
|
Virus
|
|
|
For the following items, which is a security limitation of virtualization technology?
|
If an attack occurs, it could potentially disrupt multiple servers.
|
|
|
Which item specifies a set of consistent requirements for workstation or server?
|
configuration baseline.
|
|
|
Spam is considered to be a problem even when deleted before being opened because spam:
|
wastes comany bandwidth.
|
|
|
What technology is able to isolate a host OS from some types of security threats?
|
Virtualization
|
|
|
Which of the following is the BEST place to obtain a hotfix or patch for an application or system?
|
The maufacturers website
|
|
|
Which of the following programming techniques should be used to prevent buffer overflow attacks?
|
Input validation
|
|
|
Which of the following statements is TRUE regauding the Seurity Token system?
|
If your token does not grant you access to certain information that information will either not be displayed or your access will be denied. The quthentication system creates a token every time a user of session begins. Athe the completion of a session.
|
|
|
Which description is correct about the standard load for all systems?
|
configuration baseline.
|
|
|
To aid in preventing the execution of malicious code in email clients, which of the following should be done by the email administrator?
|
Spam and anti-virus filters should be used.
|
|
|
To reduce vunerabilities on a web server, an administrator should adopt which of the following preventative measures?
|
apply the most recent manufacturer updates and patches to the server.
|
|
|
Which pratice can best code applications in a secure manner
|
Input validation.
|
|
|
Which of the following is common type of attack on web servers?
|
Buffer overflow.
|
|
|
While hardening and operating system, which item is LEAST effective?
|
Installing HIDS.
|
|
|
The employees at a company are using instant messaging on company networked computers. The MOST important security issue is to address when using instand messaging is that instant messaging
|
commmunications are open and unprotected.
|
|
|
Malicious code that enters a target sstem, lays dormant until a user opens the certain program then deletes the contents of attached network drives and removeable storage devices is known as:
|
Logic Bomb
|
|
|
Which of the following are nonessential protocols and services?
|
TFTP (Trivial File Transfer Protocol)
|
|
|
Which action should be performe dto harden workstations and severs
|
Instal only needed software
|
|
|
in computing the basic input/output system (BIOS, alson known as the System BIOS) is a de facto standard defining a firmwareinterface or IBM PC Compatable computers. A user is concerned with the security of their laptops BIOS. The user would not like anyone to be able to access control functions exept themselves. Which of the following could make the BIOS more secure?
|
Password.
|
|
|
A user downloads and installs a new screen saver and the program starts to nemane and delete random files. which of the folloving would be the BEST decription of the program?
|
trojen horse
|
|
|
Which of the following types of malicious software travels across computer netwroks without requiring a user to distibute software?
|
Worm
|
|
|
Which of the following protocols are not recommended due to the supplying passwords and information over the network.
|
SNMP (Simple Network Management Protocol)
|
|
|
Which of the following describes a server or application that is accepting more input than the server or application is expecting?
|
Buffer Overflow
|
|
|
for the following items, which is an example of an attack that executes once a year on a certain date?
|
Logic bomb
|
|
|
Which item can reduce the attack surface of an operating system
|
Disabling unused services.
|
|
|
which description is correct about a way to prevent buffer overflows.
|
Apply all security patches to workstations.
|
|
|
What are best practices while installing and securing a new system for a home user. (Select Three)
|
1. Use a strong firewall
2. Apply all system patches 3. Apply all service packs |
|
|
Which port must be open to allow a user to login remotely onto a workstation?
|
3389
|
|
|
Which of the following would be the MOST common method for attackers to spoof email?
|
Open relays
|
|
|
Which of the following is often misused by spyware to collect and report a users activities.
|
Tracking cookie
|
|
|
Tom is a network technician of his company. Now, he is making a decision between implementing a HIDS on the database server and implemting a NIDS. Why NIDS may be better to implement (Select two)
|
1. Many HIDS are not able to detect network attacks
2. Many HIDS have a negative impact on system performance. |
|
|
Which of the following would be considered a detrimental effect of a virus hoax?
|
1. Technical support resources are consumed by increased user calls
2 Users are tricked into changing the system configuration. |
|
|
which security policy will be most likely used while attempting to mitigate the risks involved with allowing a user to access company email via their cell phone.
|
The cellphone should require a password after a set period of inactivity
|
|
|
Which of the folloing BEST describes the baseline process of securing devices on a network infrastructure.
|
Hardening.
|
|
|
In computing virtulization is a broad term that refers to the abstraction of computer resources. which is a security reason to implement virtulization throughout the network infrastructure?
|
To isolate the various network services and roles
|
|
|
Which of the following types of removable media is write-once and approprite for archiving security logs?
|
CD-R
|
|
|
A PC is rejecting push updates from the server; all other PCs on the network are accepting the updates successfully. What should be examined first?
|
Local firewall.
|
|
|
Pretty Good Priavcy(PGP) uses a PKI Trust Model where no certificate authority (CA) is subordinate to another. The model with no single trusted root is known as:
|
Peer to peer.
|
|
|
Users on a network report that they are recieving unsolicited emails from the same email address. Which action should be performed to prevent this from occuring?
|
Install an anti-spam filter on the domain mail servers and filter the email address.
|
|
|
Malicious software that travels across computer networks without user assistance is an example of a
|
worm
|
|
|
You work as a network administrator for your company. Your company has just detected a malware incident. Which will be your first response?
|
Containment.
|
|
|
Which of the following definitions would be correct regarding Active Inception?
|
Placing a computer system between the sender and receiver to capture information
|
|
|
Which one of the following options will permit an attacker to hide the presence of malicious code through altering the systems process and registry entries?
|
Rootkit.
|
|
|
Patch management must be combined with full-featured systems management to be effective. Determining which patches are needed, applying the patches and which of the following are three generally accepted activities of patch management.
|
Auditing for the successful application of the patches.
|
|
|
The most common exploits of Internet-exposed network services are due to?
|
Buffer overflow
|
|
|
Which of the following can affect heaps and stacks
|
Buffer Overfows
|
|
|
Why malware that uses virtualization techniques is difficult to detect?
|
The malware may be running at a more privileged level that the antivirus software
|
|
|
An SMTP server is the source of email spam in an orginzation. Which of the folloing is MOST likely the cause?
|
Anonymous relays have not been disabled
|
|
|
Which of the following types of programs autonomously relicates itself across networks
|
worm
|
|
|
Which of the following are componets of host hardening (choose two)
|
1 Disabling unnecessary services
2 Applying patches. |
|
|
While monitoring application activity and modification, which system should be used?
|
HIDS
|
|
|
Your company's website permits customers to search for a product and display the current price and quanity avalible of each product from the production database. Which of the following will invalidate an SQL injection attack launched from the lookup field at the web server level?
|
Input validation.
|
|
|
you work as a network technician. You have been asked to reconstruct the infrastructure of an organization. You should make sure that the virtualization technology is implemented securly. What should be taken into consideration while implenting veitualization technology?
|
The technician should verify that the virtual servers and the host have the latest service packs and patches applied.
|
|
|
Which method can be used to correct a single security issue on a workstation?
|
A patch
|
|
|
Which one of the following options overwrites the return adddress within a program to execute malicious code?
|
Buffer Overflow
|
|
|
A peer-to-peer computer network used diverse connectivity between participants in a netowrk and the cumulative bandwidth of network particiapnts rather than conventional centralized resources where a relitively low number of servers provide the core value to a service or application. Which of the following is a security risk while using perr-to-peer software?
|
data leakage.
|
|
|
A technician is helping an organization to correct problems with staff members unknowingly downloading malicious code from inter websites. Which of the following should the technician do to resolve the problem?
|
Disable unauthorized ActiveX controls.
|
|
|
Your system has just stopped respnding to keyboard commands. You noticed that this occurred when a spreadsheet was open and you dialed in to the internet. Which kind of attack has probably occurred?
|
Logic Bomb
|
|
|
Which of the following is an installable package that includes several patches from the same vendor for various applications?
|
service pack
|
|
|
Your're explaining the basics of securiyt to upper management in an attempt t obotain an increase in the networking budget. One of the members of the management team mentions that they've heard of a threat from a virusthat attempts to mask itself biding code from antivirus sofwatre What type of virus is he referring to?
|
Armored virus
|
|
|
which of the following is MOST effective in preventing adware?
|
pop-up blocker
|
|
|
Choose the statement that best details the difference between a worm and a trojan horse?
|
Worms self replicate while trojan horses do not.
|
|
|
A Faraday cage or Faraday shield is an enclosure formed by conducting material, or by mesh of such material. Such an enclosure blocks out external blocks out external static electrical fields. Faraday cages are named after physicist Michael Faraday, who built one in 1836. Which of the following would a Faraday cage prevent the usage of?
|
Cell Phone.
|
|
|
look at following items, which one usually applies specifically to a web browser?
|
Pop-up Blocker
|
|
|
Which of the following network attacks cannot occur in an email attack?
|
Dictionary attack
|
|
|
which of the following attacks are being referred to if someone is accessing your email server and seding imflammatory information to others
|
Repudiation Attack
|
|
|
By which means do most network bound viruses spread
|
E-Mail
|
|
|
Choose the primary disadvantage of using the third party mail relay.
|
Sammers can utilize the third party mail relay
|
|
|
Host intrusion detection systems (HIDS) and network intrusion detection systems (NIDS) are methods of secruty management for computers and networks A HIDS is installed to monitor which of the following?
|
System files
|
|
|
Which security threat will affect PCs and can have its software updated remotely by a command and control center?
|
Zombie
|
|
|
Which of the following web vulnerabilities is being referred to when it receives more data than it is programmed to accept?
|
Buffer Overflow
|
|
|
Which of the following web vulneralbilities is being referred to when it has a feature designed into many e-mail servers that allows them to forward e-mail to other e-mail servers?
|
SMTP Relay
|
|
|
Which of the following definitions BEST suit Java Applet?
|
The client browser must have the ability to run Java applets in virtual machine on
|
|
|
Which of the following definitions BEST suit Buffer Overflow?
|
It receives more data than it is programmed to accept.
|
|
|
An administrator has implemeted a new SMTP service on a server. A public IP address translates to the internal SMTP server. The administrator notices many sessions to the server., and gets notification that the serves public IP address is now reported in a spam real time block list. Which of the following is wrong with server?
|
SMTP open relaying is enabled.
|
|
|
Which of the following would be BEST to use to apply corporate security settings to a device?
|
A security template.
|
|
|
when deploying 50 new workstations on the network, which of the following should be completed FIRST
|
Apply the baseline configuration.
|
|
|
Which will permit a user to float a domain registration for maximum of 5 days?
|
Kiting.
|
|
|
Which is a collection of servers setup t oattract hackers?
|
Honeypot
|
|
|
Which is an area of the network infrastructure that allows a technician to put public facing systems into it without compromising the entire infrastructure?
|
DMZ
|
|
|
The CEO of your comapny is worrying about staff browsing inappropriate material on the Internet via HTTPS. Your company is advised to purchase a product which can decrypt SSL session, scan the content and then repackage the SSL session without staff knowing. Which type of attack is similar to this product?
|
Man in the middle
|
|
|
Tom is a network admin of his company. He guesses that PCs on the internal network may be acting as zombies particiapting in external DDoS attacks. Which item will most effectively confirm the administrators suspicions?
|
Firewall logs
|
|
|
Internet filter appliances/servers will most likely analyze wich three items? (select 3)
|
1 Certificates
2 Content 3 URLs |
|
|
A software or hardware device that allows only authorized network traffic in or out of computer or network is called a...
|
Firewall
|
|
|
which of the following types of attacks is BEST described as an attacker capturing part of a communication and later sending that communication segment to a server while pretending to be the client?
|
Replay
|
|
|
in computer networking, network address translation(NAT) is the process of modifying network address information in datagram packet headers while in transit across a traffic routing device for the purpose of remapping a given address apace into another. Which description is true about a static NAT?
|
A static NAT uses a one to one mapping.
|
|
|
which action should be performed when discovering an unauthorized wireless access point attached to a network?
|
Change the SSID on the wireless access point.
|
|
|
When a new network device is configured for first time installation, which of the following is a security threat?
|
Use of default passwords
|
|
|
What will be implemented by a techician to mitigate the chances of a successful attack againt the wireless network?
|
Implement and authentication system and WPA
|
|
|
Why will a Faraday cage be used?
|
to mitigate data emanation
|
|
|
Coaxial cable is a cable consisting of an inner conductor, surrounded by a tubular insulating layer typically made from a flexble material with a high dielectric constant, all of which is then surrounded by another conductive layer (typically a fine woven wire for flexibility, or of a thin metallic foil), and when finally covered again with a thin insulating layer on the outside. which is a primary security risk with coaxial cable?
|
Data emanation from the core.
|
|
|
Which of the following protions of a companys network is between the internet and an internal network?
|
Demilitarized zone (DMZ)
|
|
|
which of the following is MOST often used to allow a client or partner access to a network?
|
Extranet
|
|
|
Which of the following types of firewalls provide inspection at layer 7 of the OSI model?
|
Application-proxy
|
|
|
Which one of the following is not a Bluetooth threat?
|
a smurf attack
|
|
|
A company implemets an SMTP server on their firewall. This implementation would violate which of the following security principles?
|
Use a decive as intended
|
|
|
A company is upgrading the network and needs to reduce the ability of users on the same floor and network segment to see each other's traffic. Which of the following network devices should be used?
|
Switch
|
|
|
In computing, a Uniform Resource Locator (URL) is a type of Uniform Resource Identifier (URI) that specifies where an identified resource is available and the mechanism for retrieving it. When a user attempts to go to a website, he notices the URL has changed, which attack will MOST likely cause the problem?
|
DNS poisoning.
|
|
|
A company's security specialist is securing a web server that is reachable from the Internet. Th web server is located in the core interal corporate network. The network cannot be redesigned and the server cannot be moved. which of the following should the security specialist impement to secure the web server? (select two)
|
1 Host-based IDS
2 Host-based firewall |
|
|
A denial-of-service attack (DoS attack) or distributed denal-of-service attack (DDoS attack) is an attempt to make a computer resource unavailable to its intended users. Which method can be used to perform denial-of-service(DoS) attacks?
|
Botnet
|
|
|
Which item will MOST likely permit an attacker to make a switch function like a hub?
|
MAC flooding
|
|
|
Which of the following identifies the layer of the OSI model where SSL provides encryption
|
Session
|
|
|
Which of the following can be used by a technician to detect staff member that are connecting to an unauthorized website?
|
Protocol analyzer
|
|
|
which of the following would be the BEST reason to disable unnescessary services on a server?
|
Attack serface and opportunity for compromise are reduced.
|
|
|
for the following items, which is a protocol analyzer?
|
WireShark
|
|
|
which of the following is used to determine equipment status and modify the configuration or settings of network devices?
|
SNMP
|
|
|
The purpose of the SSID in a wireless network is to:
|
Identify the network.
|
|
|
to keep an 802.11x network from being automatically discovered, a user should
|
turn off the SSID broadcast
|
|
|
A company wants to connect the network to a manufacturer's network to be able to order parts. which of the following types of networks should the company implement to provide the connection while limiting the services allowed over the connection?
|
Extranet
|
|
|
fiber optic cable is considered safer than CAT5 because fiber optic cable;
|
1 Is not susceptible to inerference
2 is hard to tap in to. |
|
|
Which of the following access attacks would involve looking through your files in the hopes of finding something interesting?
|
Snooping
|
|
|
A company wants to implement a VLAN. Seniour management believes that a VLAN will be secure because authentication is accomplished by MAC addressing and that dynamic trunking protocol(DTP) will facilitar network efficiency. Which of the following issues should be discussed with senior management before VLAN implemetation?
|
MAC addresses can be spoofed and DTP allows rogue network devices to configure.
|
|
|
which description is true about the process of securely removing information from media (e.g. hard drive) for future use?
|
Sanitization
|
|
|
Users are using thumb drives to connect to USB ports on company workstations. A technician is concerned that sensitive files can be copied to the USB drives. which mitigation technique would address this concern?
|
1. Disable the USB root hub within the OS
2. Disable USB within the workstations BIOS |
|
|
You are a network technician of your company. You have just detected an intrusion on your company's network from the internet. what should be checked FIRST?
|
The firewall logs
|
|
|
which of the following definitions would be correct regarding Eavesdropping?
|
Listening or overhearing parts of conversation.
|
|
|
which of the folowing would be MOST desirable when attacking encrypted data?
|
weak key
|
|
|
the concept that a web script runs in its own enviroment and cannot interfere with any other process is known as a
|
sandbox
|
|
|
one of the below options is correct regarding the DDoS (distributed denial of service) attack?
|
Use of multiple computers to attack a single organization
|
|
|
An organization needs to monitor all network traffic as it traverses their network. Which term should be used by the technician?
|
Protocol analyzer
|
|
|
An accountant has logged onto the company's outside banking website. An administrator used a TCP/IP monotoring tool to discover that the accountant was actually using a spoofed banking website. What most likely caused this attack?
|
1. Altered hosts file
2. DNS poisoning. |
|
|
Which of the following is employed to allow distrusted hosts to connect to servies inside a network without allowing the hosts direct access to the internal networks?
|
Demilitarized zone.
|
|
|
A honeypot is used to:
|
allow administrators a chance to observe an attack.
|
|
|
Whch of the following common attacks would the attacker capture the user's login information and perplay it again later?
|
Spoofing
|
|
|
Which of the following attacks are being referred to if the attack involves the attacker gaining access to a host in the network and logically disconnecting it?
|
TCP/IP hijacking
|
|
|
Which of the following attacks are being referred to if packets are not connection-oriented and do not require the synchronization process
|
UDP attack
|
|
|
What security application can not proactively detect workstation anoalies?
|
NIDS
|
|
|
From the listing of attacks, choose the attack which exploits session initiation betweein a Transport Control Program (TCP) client and server within a network?
|
SYN attack
|
|
|
Which of the following assessment tools would be MOST appropriate for determining if a password was being sent across the network in clear text?
|
Protocol analyzer
|
|
|
from the listing of attacks, choose the attack which misuses the TCP three-way handshake process, in an attempt to overload network servers, so that authorized users are denied access to network resources?
|
SYN (Synchronize) attack
|
|
|
a protocol analyzer will most likely detect which security related anomalies?
|
Many malformed or fragmented packets
|
|
|
One type of netwrok attack sends two different messages that use the same hash function to genterate the same message digest. Which network attack does this?
|
Birthday attack
|
|
|
In computeing a stateful firewall (any firewall that perfoms stateful packet inspection (SPI) or stateful inspection) is a firewall that keeps track of the state of network connections (suck as TCP streams, UDP communication) traveling across it. You have been stufying stateful packet inspection and want to perform this security technique on the network. Which device will you use to BEST utilize stateful packet inspection?
|
Firewall
|
|
|
The NIC should be placed in which mode to monitor all network traffic, while placing NIDS onto the network?
|
Promiscuous
|
|
|
Which item can be commonly programmed into an application for ease of administration?
|
Back door
|
|
|
Which one of the following options is an attack launched from multiple zombie machine is attempt to bring down a service
|
DDoS
|
|
|
You work as the security administrator at Pass4sure.com. you must configure the firewall to support TACACS. Which port(s) should you open on the firewall?
|
Port 49
|
|
|
which media is LEAST susceptible to a tap being placed on the line?
|
Fiber
|
|
|
Which of the following definitions should BEST suit the functions of an email server?
|
Detect the viruses in the messages received from various sources and send warning to the recipient to warn him/her of the risky mail.
|
|
|
Which method is the easiest to disable a 10Base2 network?
|
Remove the terminator
|
|
|
Which of the following will permit an administrator to find weak passwords on the network?
|
A rainbow table
|
|
|
Which of the following type of attacks would allow an attacker to cature HTTP requests and send back a spoofed page?
|
TCP/IP hijacking
|
|
|
Which of the following is a reason why a company should disable the SSID broadcast of the wireless access points?
|
War driving
|
|
|
which of the following BEST describes ARP?
|
Discovering the MAC address of a device from the IP address
|
|
|
Which of the following shold be implemeted to have all workstations isolated in their own broadcast domains?
|
VLANs
|
|
|
Who is responsible for establishing access permissions to network resources in the DAC access control model?
|
The owner of the resource
|
|
|
Which access control system allows the system administrator to establish access permissions to network resources?
|
MAC
|
|
|
Which of the following access control models uses roles to determine access permissions?
|
RBAC
|
|
|
How is access control permissiona established in the RBAC access control model?
|
The role or responsibilities users have in the organization
|
|
|
What does the DAC access control model use to identify the users who have permissions to a resource?
|
Access Control Lists
|
|
|
what does the MAC access control model use to identify the users who have permissions to resource?
|
Predefined access privileges
|
|
|
Which of the following statements regarding the MAC access control models is TRUE?
|
In the Mandatory Access Control(MAC) users cannot share resources dynamically.
|
|
|
Which of the following are types of certificate-based authentcation (select two)
|
1 Many to one mapping
2 one to one mapping |
|
|
The ability to logon to multiple systems with the same credentials is typically known as:
|
single sign on
|
|
|
Remote authentication allows you to authenicate Zendesk users using a locally hosted script. which of the following is an example of remote authentication?
|
A user in one city logs onto a network by connecting to a domain server in another
|
|
|
The DAC (Discretionary Access Control) model has an inherent flaw. Choose the option that describes this flaw
|
The DAC model uses only the identiy of the user or specific process to control access to a resource. This creates a security lopphole
|
|
|
Which of the following roles should you create?
|
Create finance, sales, reaserch and development, and production roles
|
|
|
choose the access control model that allows access control determinations to be performed based on the security labels associated with each user and each data item.
|
MACs (Mandatory Access Control) method
|
|
|
Choose the terminology or concept which best describes a (Mandatory Access Control) model.
|
Lattice
|
|
|
Which authentication method does the following sequence: Logon request, encrypts value response, server, challenge, compare encrypts results, authorize or fail refer to?
|
CHAP
|
|
|
Which of the following types of pubicly accessible servers should have anoymous logins disabled to prevent an attacker from transferring malicious data?
|
FTP
|
|
|
Which of the following will restrict access to files accourding to the identity of the user or group?
|
DAC
|
|
|
Which of the following network authentication protocols uses symmetric key cryptography, stores a shared key for each network resource and uses a Key Distribution Center (KDC)
|
Kerberos
|
|
|
Which of the following access control models uses subject and object labels?
|
Mandatory access control (MAC)
|
|
|
Which of the following access decisions are based on a Mandatory Access Control (MAC) enviroment?
|
Sensitivity lablels
|
|
|
which of the following types of authentication BEST decribes providing a username password and undergoing a thumb print scan to access a workstation
|
Multifactor
|
|
|
Users would not like to enter credentials to each server or application to conduct their normal work. Which type of strategy can solve this problem
|
SSO Single sign on
|
|
|
Kerberos uses which of the following ports by default?
|
88
|
|
|
Which of the following authentication systems make use of the KDC (Key Distribution Center)?
|
Kerberos
|
|
|
Which of the following suthentication methods increases the security of the authentication process because it must be in your physical possession?
|
Smart Cards
|
|
|
Users need to access their email and several secure applications from any workstation on the network in addition, an authentication system implemeted by the adminsitrator requres the use of a username, password, and company issued smartcard. this is an example of which of the following?
|
SSO single sign on
|
|
|
Which of the following statemnts regarding authentication protocols is FALSE?
|
MS-CHAP version 1 is capable of mutual authentication of both the client and the server.
|
|
|
Many unauthorized staff has been entering the data center by piggybacking authorized staff. The CIO has mandated to stop this behavior. Which technology should be installed at the data center to prevent piggybacking?
|
Mantrap
|
|
|
Which definition best defines what a challenge response session is
|
A challenge response session is a workstation or system that producesa random challenge string that the user provides, when prompted, in conjunction with the proper PIN
|
|
|
the ahashing algorithm is created from a hash calue, making it nearly impossible to derive the original input number, which item can implent the strongest hashing algorithm?
|
NTLMv2
|
|
|
For which reason are clocks used in Kerberos authenitcation?
|
Clocks are used to ensure that tickets expire correctly.
|
|
|
the VPN typically provides a remote access link from one host to another over:
|
the internet
|
|
|
in which authencation model a ticket granting server is an important concept?
|
Kerberos
|
|
|
In a secure enviroment, which authentication mechanism will perform better?
|
TACACS because it encrypts client-server negotiation dialogs.
|
|
|
which goals can be achieved by use of securty templates? (select two)
|
1. To ensure that servers are in comliance with the corprorate security policy.
2. To ensure that all servers start from a common securty configuration. |
|
|
A newly hired security specialist is asked to evaluate a company's netwrok security. The security specialist discovers that users have installed personal software" the network OS has default setting and no patches have been installed and passwords are not required to be changed regualarly. Which of the following would be the FIRST step to take?
|
Enforce the security policy
|
|
|
Which of the following can be used to implement a procedure t ocontrol inbound and outbound traffic on a network segment?
|
ACL
|
|
|
giving each user or a group of users only the access they need to do their job is an example of which of the following security principles?
|
Least privilege
|
|
|
The CHAP sends a logon request fro mthe client to the server, and the server sends a challenge back to the client. At which stage does the CHAP protocol perform the handshake process? Choose the best complete answer
|
At the stage when the connection is established and at whichever time after connection has been established.
|
|
|
Most key fob based identification systems use which of the following types of authentication mechanisms? (select two)
|
1. Username/Password
2. Token |
|
|
What will allow a technician to restric a user accessing to the GUI?
|
Group policy implementation
|
|
|
which authentication method will prevent a replay attack from occuring?
|
Kerberos
|
|
|
Access controls based on security labels associated with each data item and each user are known as:
|
Mandatory Access Conrol (MAC)
|
|
|
A user is assigned access rights explicitly. This is a feature of which of the following access control models?
|
Discretionary Access Control (DAC)
|
|
|
During which phase of identification and authentication does proofing occur?
|
Identification
|
|
|
when can a single username and passworkd be entered to access mulitple computer applications?
|
Single sign-on
|
|
|
which security action should be finished before access is given to the network?
|
Identification and authentication.
|
|
|
the authenitcation process where the user can access several resources without the need for mulitple credentials is known as:
|
Single sign-on
|
|
|
which item best decribes an instance where a biometric system identifies legitimate users as unauthorized?
|
False rejection
|
|
|
which of the following is the best description about the method of controlling how and when users can access from home?
|
Remote Access policy
|
|
|
what is an example of implicit deny?
|
items which are not spcifically given access are denied by default.
|
