278 Cards in this Set

  • Front
  • Back
TCP is responsible for addressing packets and sending them on the correct route to the destination, while IP is responsible for reliable packet transmission
False
TCP/IP uses its own five-layer architecture that includes Network Interface, Internet, Control, Transport, and Application
False
IEEE 802.1x is commonly used on wireless networks
True
IP telephony and Voice over IP (VoIP) are identical
False
Despite its promise to dramatically impact IT, cloud computing raises significant security concerns
True
The most common protocol suite used today for local area networks (LANs) as well as the Internet is ____.
A. UDP
b. ASN.1
c TCP/IP
d. BER
C TCP/IP
IP is the protocol that functions primarily at the Open Systems Interconnection (OSI) ____.
a. transport layer
b. network layer
c data link layer
d presentation layer
B Network Layer
TCP is the main ____ protocol that is responsible for establishing connections and the reliable data transport between devices
a application layer
b presentation layer
c network layer
d transport layer
d transport layer
____ is used to relay query messages
a icmp
b ftp
c udp
d tcp
A icmp
SNMP agents are protected with a password known as a(n) ____ in order to prevent unauthorized users from taking control over a device.
a entity
b community string
c MIB
d OID
B community string
The ____ is a database, organized as a hierarchy or tree, of the name of each site on the Internet and its corresponding IP number
a WINS
b NIS
c TACACS+
d DNS
D DNS
DNS poisoning can be prevented by using the latest editions of the DNS software known as ____.
a BIND
b DHCP
c WINS
d finger
a BIND
TCP port ____ is the FTP control port used for passing FTP commands
a 19
b 20
c 21
d 22
C 21
A ____ forwards packets across computer networks
a bridge
b router
c switch
d hub
B router
Routers operate at the ____ Layer
a transport
b application
c presentation
d network
D network
A ____ is a feature that controls a device’s tolerance for unanswered service requests and helps to prevent a DoS attack.
a flood guard
b protocol guard
c link guard
d frame guard
A flood guard
A ____ can create entries in a log for all queries that are received
a network log
b DHCP log
c DNS log
d proxy log
C DNS log
____ can be used to determine whether new IP addresses are attempting to probe the network.
a DNS logs
b firewall logs
c DHCP logs
d proxy logs
B Firewall logs
Broadcast storms can be prevented with ____.
a spanning tree
b dijkstra's algorithm
c 802.11x
d loop protection
d loop protection
It is possible to segment a network by physical devices grouped into logical units through a(n) ____
a VLAN
b subnets
c IP address
d MAC address
A VLAN
____ provides a greater degree of security by implementing port-based authentication

a IEEE802.3ad
b IEEE802.11n
c IEEE 802.1x
d IEEE802.1z
C 802.1x
____ is a means of managing and presenting computer resources by function without regard to their physical layout or location
a portability
b virtualization
c availability
d migration assistance
B virtualization
Server virtualization typically relies on the ____, which is software that runs on a physical computer to manage one or more virtual machine operating systems
a kernel
b supervisor
c hypercard
d hypervisor
D hypervisor
____ is a pay-per-use computing model in which customers pay only for the computing resources they need
a cloud computing
b virtualization
c cloud software as a service
d infrastructure as a service
A cloud computing
In the ____ model, the cloud computing vendor provides access to the vendor’s software applications running on a cloud infrastructure
a cloud application as a service
b cloud infrastructure as a service
c cloud software as a service
d cloud system as a service
C cloud software as a service
In the ____ cloud computing model, the customer has the highest level of control.
a cloud application as a service
b cloud infrastructure as a service
c cloud software as a service
d cloud system as a service
B cloud infrastructure as a service
The ____________________ Layer is omitted in the TCP/IP model
physical
A(n) ____________________ is a record of events that occur
log
____________________ servers are intermediate hosts through which Web sites are accessed.
proxy
With operating system virtualization, a(n) ____________________ system is the native operating system to the hardware
host
____________________ computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources that can be rapidly provisioned and released with minimal management effort or service provider interaction
cloud
Used by devices to communicate updates or error information to other devices
ICMP
An attacker can use ICMP messages as one of the first steps in reconnaissance to discover information about the hosts that are part of the network
Network discovery
Attackers can broadcast a ping request to all computers on the network but change the address from which the request came to that of the target
Smurf DoS attack
A malformed ping using ICMP is sent to the victim’s computer that exceeds the size of an IP packet
Ping of Death
Functions by exchanging management information between networked devices
SNMP
A TCP/IP protocol that resolves (maps) an IP address with its equivalent symbolic name
DNS
Substitutes addresses so that the computer is automatically redirected to another device
DNS poisoning
Can determine that a switch has multiple ways to communicate with a host and then determine the best path while blocking out other paths
STA
Using a data-based IP network to add digital voice clients and new voice applications onto the IP network
IP telephony
Bluetooth devices are not backward compatible with previous versions
False
Because of the weaknesses of WEP, it is possible for an attacker to identify two packets derived from the same IV
True
Because PEAP can be vulnerable to specific types of attacks, Cisco now recommends that users migrate to a more secure EAP than PEAP
False
Because antennas are generally positioned to provide the broadest area of coverage, APs should be located at the end of the coverage area
False
APs use antennas that radiate a signal in all directions
True
Authorization and access are viewed as synonymous and in access control, they are the same step
false
A computer user may be authorized or granted permission to log on to a system by presenting valid credentials, yet that authorization does not mean that the user can then access any and all resources
True
A shield icon warns users if they attempt to access any feature that requires UAC permission
True
The strength of RADIUS is that messages are always directly sent between the wireless device and the RADIUS server.
False
TACACS+ and RADIUS are designed to support hundreds of remote connections
False
The IEEE 802.15.1-2005 Wireless Personal Area Network standard was based on the ____ specifications.
a bluetooth v. 2.1
b. bluetooth v 1.2
c bluetooth v 1.0
d bluetooth v 1.1
B bluetooth v 1.2
A group of piconets in which connections exist between different piconets is called a ____
a broadnet
b honeynet
c boundnet
d scatternet
d scatternet
____ is an attack that sends unsolicited messages to Bluetooth-enabled devices
a bluesnarfing
b bluejacking
c bluecracking
d bluetalking
B bluejacking
____ is an attack that accesses unauthorized information from a wireless device through a Bluetooth connection, often between cell phones and laptop computers
a bluejacking
b bluecracking
c bluesnarfing
d bluetalking
C bluesnarfing
A(n) ____ acts as the “base station” for the wireless network
a AP
b endpoint
c WMM
d ad-hoc peer
A AP
A ____ access point is an unauthorized AP that allows an attacker to bypass many of the network security configurations and opens the network and its users to attacks
a random
b sanctioned
c rogue
d legitimate
C rogue
____ is designed to detect any changes in a packet, whether accidental or intentional
a CBC
b CRC
c AES
d TKIP
B CRC
____ is the encryption protocol standard for WPA2
a AES-CCMP
b AES-CTR
c AES-TKIP
d AES-SCMP
A AES-CCMP
____ is a framework for transporting authentication protocols instead of the authentication protocol itself
a PEAP
b TKIP
c SSL
d EAP
D EAP
EAP request packets are issued by the ____.
a supplicant
b authenticator
c authentication server
d proxy
B authenticator
A(n) ____ packet contains a field that indicates the function of the packet and an identifier field used to match requests and responses
a icmp
b tkip
c eap
d radius
c eap
____ requires mutual authentication used for WLAN encryption using Cisco client software.
a leap
b tkip
c eap
d peap
a leap
____ access points are serious threats to network security because they allow attackers to intercept the RF signal and bypass network security to attack the network or capture sensitive data
a legitimate
b rogue
c sanctioned
d twin
B rogue
____ allow a single access point to service different types of users.
a wireless vpn's
b wireless encryption standards
c wireless multimedia protocols
d wireless vlan's
D wireless vlan's
A user or a process functioning on behalf of the user that attempts to access an object is known as the ____.
a subject
b reference monitor
c entity
d label
A subject
A(n) ____ model is a standard that provides a predefined framework for hardware and software developers who need to implement access control in their devices or applications
a accounting
b user control
c access control
d authorization control
C access control
In the UAC dialog boxes, the color ____ indicates the lowest risk
a red
b gray
c yellow
d green
B gray
The ____ model is the least restrictive
a RBAC
b MAC
c CAC
d DAC
d DAC
____ is considered a more “real world” access control than the other models because the access is based on a user’s job function within an organization.
a role based access control
b rule based access control
c discretionary access control
d mandatory access control
A role based access control
____ is often used for managing user access to one or more systems
a role based
b mandatory
c rule based
d discretionary
C rule based
____ requires that if the fraudulent application of a process could potentially result in a breach of security, then the process should be divided between two or more individuals
a separation of duties
b job rotation
c mandatory vacation
d role reversal
a separation of duties
A(n) ____ is a set of permissions that are attached to an object
a ACE
b DAC
c entity
d ACL
d ACL
____ indicates when an account is no longer active.
a password expiration
b account expiration
c last login
d account last used
B account expiration
____ is suitable for what are called “high-volume service control applications” such as dial-in access to a corporate network
a radius
b icmp
c ftp
d telnet
A radius
During RADIUS authentication the AP, serving as the authenticator that will accept or reject the wireless device, creates a data packet from this information called the ____.
a accounting request
b access request
c verification request
d authentication request
d authentication request
____ is an authentication system developed by the Massachusetts Institute of Technology (MIT) and used to verify the identity of networked users

a aurora
b kerberos
c CHAP
d TACACS
b Kerberos
____ is an authentication service commonly used on UNIX devices that communicates by forwarding user authentication information to a centralized server
a TACACS
b RADIUS
c Kerberos
d FTP
A TACACS
Entries in the DIB are arranged in a tree structure called the ____
a DAP
b PEAP
c EAP
d DIT
D DIT
The X.500 standard defines a protocol for a client application to access an X.500 directory called ____
a DBI
b DAP
c DIT
d LDAP
b DAP
____ attacks may allow an attacker to construct LDAP statements based on user input statements
a sql injection
b kerberos injection
c ldap injection
d radius injection
C ldap injection
Passwords provide strong protection
False
Using a rainbow table to crack a password requires three steps.
False
Token credentials can be revoked at any time by the user without affecting other token credentials issued to other sites.
True
Today’s operating systems have roots dating back 20 or more years, well before security was identified as a critical process.
True
Trusted OSs have been used since the late 1960s, initially for government and military applications
False
A ____ is a secret combination of letters, numbers, and/or characters that only the user should know.
a token
b password
c biometric detail
d challenge
B password
The weakness of passwords centers on ____.
a human memory
b encryption technology
c handshake technology
d human reliability
A human memory
A(n) ____ can also capture transmissions that contain passwords
a application analyzer
b system analyzer
c function analyzer
d protocol analyzer
D protocol analyzer
The set of letters, symbols, and characters that make up the password are known as a ____ set.
a result
b problem
c character
d search
C character
Due to the limitations of online guessing, most password attacks today use ____.
a offline cracking
b online cracking
c hash replay
d token replay
A offline cracking
____ attack is where every possible combination of letters, numbers, and characters is used to create encrypted passwords.
a space division
b brute force
c known cipher text
d known plaintext
B brute force
The ____ attack will slightly alter dictionary words by adding numbers to the end of the password, spelling words backward, slightly misspelling words, or including special characters such as @, $, !, or %.
a brute force
b hash replay
c network replay
d hybrid
d hybrid
Although brute force and dictionary attacks were once the primary tools used by attackers to crack an encrypted password, today attackers usually prefer ____.
a rainbow tables
b online cracking
c offline cracking
d cascade tables
a rainbow tables
To create a rainbow table, each ____ begins with an initial password that is encrypted
a link
b chain
c pass
d block
b chain
____ can use fingerprints or other unique characteristics of a person’s face, hands, or eyes (irises and retinas) to authenticate a user.
a cognitive biometrics
b reactive biometrics
c standard biometrics
d affective biometrics
C standard biometrics
____ is the time it takes for a key to be pressed and then released
a dwell time
b lead time
c sync time
d show time
A dwell time
____ accepts spoken words for input as if they had been typed on the keyboard
a text recognition
b speech differentiation
c linguistic recognition
d speech recognition
D speech recognition
If a user typically accesses his bank’s Web site from his home computer on nights and weekends, then this information can be used to establish a ____ of typical access.
a usage map
b computer footprinting
c beachhead
d system
B computer footprinting
____ is related to the perception, thought process, and understanding of the user.
a standard biometrics
b reactive biometrics
c cognitive biometrics
d affective biometrics
C cognitive biometrics
It is predicted that ____ could become a key element in authentication in the future.
a cognitive biometrics
b standard biometrics
c reactive biometrics
d affective biometrics
A cognitive biometrics
____ is using a single authentication credential that is shared across multiple networks.
a access management
b authorization management
c identity management
d risk management
C
____ holds the promise of reducing the number of usernames and passwords that users must memorize.
a ISO
b SSO
c SSL
d IAM
b SSO
Windows Live ID was originally designed as a ____ system that would be used by a wide variety of Web servers
a federated identity management
b liberated identity management
c central identity management
d distributed identity management
A federated
Microsoft Windows ____ is a feature of Windows that is intended to provide users with control of their digital identities while helping them to manage privacy
a CAPI
b MAPI
c CardSpace
d CryptoAPI
c CardSpace
____ permits users to share resources stored on one site with a second site without forwarding their authentication credentials to the other site.
a OpenAuth
b OAuth
c SAML
d Kerberos
B OAuth
An operating system that has been reengineered so that it is designed to be secure from the ground up is known as a ____.
a reference monitor
b transaction monitor
c system monitor
d trusted OS
D trusted OS
In most systems, a user logging in would be asked to ___________________ herself.
identify
The most common type of authentication today is a(n) _________________.
password
A(n) ____________________ attack begins with the attacker creating encrypted versions of common dictionary words, and then comparing them against those in a stolen password file.
dictionary
___________________ is a decentralized open source FIM that does not require specific software to be installed on the desktop.
OpenID
A token __________________ is a unique random string of characters that is encrypted to protect the token from being used by unauthorized parties.
identifier
A password attack in which every possible combination of letters, numbers, and characters is used to create encrypted passwords that are matched with those in a stolen password file
Brute force
Make password attacks easier by creating a large pregenerated data set of encrypted passwords
rainbow tables
A Department of Defense (DoD) smart card used for identification for active-duty and reserve military personnel along with civilian employees and special contractors
CAC
A government standard for smart cards that covers all government employees
PIV
A small device that can be affixed to a keychain with a window display that shows a code to be used for authentication
Token
Using fingerprints or other unique physical characteristics of a person’s face, hands, or eyes for authentication
standard biometrics
Authenticating a user by the normal actions that the user performs
behavioral biometrics
A password attack that slightly alters dictionary words by adding numbers to the end of the password, spelling words backward, slightly misspelling words, or including special characters
hybrid
Prevents a logon after a set number of failed logon attempts within a specified period
account lockout policy
Steganography can use image files, audio files, or even video files to contain hidden information
True
A hash that is created from a set of data can be reversed.
False
Cryptography cannot be applied to entire disks.
false
Self-encrypting HDD is commonly found in copiers and multifunction printers as well as point-of-sale systems used in government, financial, and medical environments
true
Most HSMs are PAN-based appliances that can provide services to multiple devices.
False
Digital signatures actually only show that the public key labeled as belonging to a person was used to encrypt the digital signature
True
Digital certificates cannot be used to identify objects other than users
False
Public keys can be stored by embedding them within digital certificates, while private keys can be stored on the user’s local system
True
Cryptography cannot protect data as it is being transported across a network
False
Security tools function at the same layer of the Open System Interconnection (OSI) model
false
One of the most famous ancient cryptographers was ____
a albert einstein
b isaac newton
c julius caesar
d caesar augustus
C julius caesar
____ is text that has no formatting (such as bolding or underlining) applied
a plaintext
b plain text
c simpletext
d simple text
B plain text
____ ensures that the information is correct and no unauthorized person or malicious software has altered that data
a confidentiality
b availability
c encryption
d integrity
D integrity
The most basic type of cryptographic algorithm is a ____ algorithm
a hash
b key
c digest
d block
A hash
In MD5, the length of a message is padded to ____ bits.
a 32
b 64
c 128
d 512
d 512
Symmetric encryption is also called ____ cryptography
a private key
b public key
c symmetric key
d shared key
a private key
The simplest type of stream cipher is a ____ cipher
a shift
b substitution
c lock
d loop
b substitution
____ is designed to replace DES
a AES
b Twofish
c 3DES
d RSA
C 3DES
The ____ is a symmetric cipher that was approved by the NIST in late 2000 as a replacement for DES
a AES
b 3DES
c RSA
d Twofish
A AES
The algorithm ____ is a block cipher that operates on 64-bit blocks and can have a key length from 32 to 448 bits.
a RSA
b AES
c Blowfish
d 3DES
C Blowfish
The basis for a digital signature rests on the ability of ____ keys to work in both directions
a symmetric
b shared
c unique
d asymmetric
d asymmetric
The ____ algorithm is the most common asymmetric cryptography algorithm and is the basis for several products.
a AES
b RSA
c Twofish
d Blowfish
B RSA
A ____ is a number divisible only by itself and 1
prime number
The ____ is essentially a chip on the motherboard of the computer that provides cryptographic services
a TPM
b SCM
c reference monitor
d ODS
a TPM
____ can be used to ensure the integrity of a file by guaranteeing that no one has tampered with it.
a blocking
b hashing
c encrypting
d cloning
B hashing
____ can protect the confidentiality of an e-mail message by ensuring that no one has read it.
a public encryption
b standard encryption
c asymmetric encryption
d symmetric encryption
C symmetric encryption
____ can verify the authenticity of the sender and enforce nonrepudiation to prove that the sender is who he claims to be and cannot deny sending it
a symmetric encryption
b private encryption
c asymmetric encryption
d elliptic encryption
C asymmetric encryption
The primary function of a(n) ____ is to verify the identity of the individual
a RA
b CA
c DA
d PA
A RA
____ certificates enable clients connecting to the Web server to examine the identity of the server’s owner
a personal digital
b public digital
c private digital
d server digital
D server digital
A class 2 certificate is known as a ____ certificate.
a signing digital
b server digital
c personal digital
d code-signing
B server digital
____ involves public-key cryptography standards, trust models, and key management.
a public key infrastructure
b network key infrastructure
c private key infrastructure
d shared key infrastructure
A public key infrastructure
A ____ trust refers to a situation in which two individuals trust each other because each trusts a third party
a web of
b mutual
c third party
d distributed
c third party
The ____ model is the basis for digital certificates issued to Internet users.
a third party trust
b related trust
c managed trust
d distributed trust
D distributed trust
With the ____ model, there is one CA that acts as a “facilitator” to interconnect all other CAs
a bridge trust
b distributed trust
c third party trust
d transitive trust
A
At the ____ stage of the certificate life cycle, the certificate is no longer valid.
a creation
b suspension
c revocation
d expiration
C
Key ____ refers to a process in which keys are managed by a third party, such as a trusted CA
a escrow
b destruction
c renewal
d management
A escrow
Key ____ removes all private and public keys along with the user’s identification information in the CA
a renewal
b escrow
c generation
d destruction
D destruction
____ is a protocol developed by Netscape for securely transmitting documents over the Internet.
a SSL
b TLS
c PEAP
d EAP
a SSL
TLS is an extension of ____
a Telnet
b HTTP
c SSL
d FTP
C SSL
____ allows clients and the server to negotiate independently encryption, authentication, and digital signature methods, in any combination, in both directions
A SFTP
b SHTTP
c HTTPS
d Telnets
B SHTTP
The TCP/IP architecture uses how many layers?
a seven
b six
c five
d four
d four
Which of the following would not be a valid Internet Control Message Protocol (ICMP) error message?
a network unreachable
b host unreachable
c router delay
d destination network unknown
C router delay
Each of the following attacks use Internet Control Message Protocol (ICMP) except _________.
a Smurf DoS attack
b ICMP redirect attack
c Ping of death
d ICMP poisoning
D Icmp poisoning
Which version of Simple Network Management Protocol (SNMP) is considered the most secure?
a SNMP v2
b SNMP v3
c SNMPv4
d SNMP v 5
b v3
Which of the following Domain Name System (DNS) attacks replaces a fraudulent IP address for a symbolic name?
a DNS replay
b DNS poisoning
c DNS masking
d DNS forwarding
B poisoning
Which of the following is the most secure protocol for transferring files?
a SCP
b FTPS
c SFTP
d FTP
C SFTP
The address space in an IPv6 header is _____________ bits in length
a 32
b 64
c 128
d 256
c 128
Each of the following is a technique for securing a router except _____________
a make all configuration changes remotely
b secure all ports
c use meaningful router name
d set a strong administrator password
A make all configuration changes remotely
Which of the following is true regarding a flood guard?
a it is a separate hardware appliance that is located inside the dmz.
b it can be used on either local host systems or network devices.
c it protects a router from password intrusions
d it prevents dos or ddos attacks
D it prevents dos or ddos attacks
Each of the following is a type of a network security hardware log except ______________.
a local host anti-virus log
b NIDS and NIPS logs
c proxy server log
d firewall log
A local host anti virus log
A subset of business continuity planning and testing is disaster recovery, also known as IT recovery planning
False
System availability is often expressed as a percentage of uptime in a year.
True
Duplicate image backups are considered a primary key to uncovering evidence because they create exact replicas of the crime scene
False
RAM slack can contain any information that has been created, viewed, modified, downloaded, or copied since the computer was last booted
True
Most metadata about a file is generated and recorded automatically without the user’s knowledge
True
Audits serve to verify that the security protections enacted by an organization are being followed and that corrective actions can be swiftly implemented before an attacker exploits a vulnerability
True
The objective of incident response is to restore normal operations as quickly as possible with the least possible impact on either the business or the users
True
Most organizations follow a three-phase cycle in the development and maintenance of a security policy
True
A due process policy is a policy that defines the actions users may perform while accessing systems and networking equipment.
False
Education in an enterprise is limited to the average employee
False
____ is designed to ensure that an organization can continue to function in the event of a natural or man-made disaster
a business continuity planning and testing
b disaster planning
c business management planning and testing
d enterprise disaster planning
A business continuity planning and testing
A ____ typically begins by identifying threats through a risk assessment
a BRA
b BAA
c BPA
d BIA
D BIA
____ plans typically include procedures to address redundancy and fault tolerance as well as data backups
a enterprise recovery
b disaster recovery
c business recovery
d emergency
B BAA
In a(n) ____ cluster, a standby server exists only to take over for another server in the event of its failure
a symmetric network
b symmetric server
c asymmetric network
d asymmetric server
D asymmetric server
In a(n) ____ cluster, every server in the cluster performs useful work.
symmetric
____ uses technology to search for computer evidence of a crime, can attempt to retrieve information—even if it has been altered or erased—that can be used in the pursuit of the attacker or criminal
a computer forensics
b penetration testing
c vulnerability testing
d risk management
A computer forensics
According to the Federal Bureau of Investigation (FBI), almost ____ percent of crimes committed today leave behind digital evidence that can be retrieved through computer forensics
a 65
b 75
c 85
d 95
C 85
The ____ response team serves as first responders whenever digital evidence needs to be preserved.
a incident
b computer forensics
c risk
d emergency
B computer forensics
____ data is the most difficult type of data to capture.
a volatile
b static
c non-volatile
d persistent
A volatile
A ____ is a snapshot of the current state of the computer that contains all current settings and data.
a system standard
b system view
c system image
d system baseline
C system image
A(n) ____ backup is an evidence-grade backup because its accuracy meets evidence standards
a baseline
b mirror image
c logical image
d thin image
B mirror image
Multiple sectors are used to make up a ____
a cluster
b track
c slice
d platter
A cluster
____ could contain remnants of previously deleted files or data from the format pattern associated with disk storage space that has yet to be used by the computer.
a RAM slack
b Edge slack
c drive file slack
d sector slack
C drive file slack
At the heart of information security is the concept of ____
a threat
b mitigation
c risk
d management
c risk
____ may be defined as the components required to identify, analyze, and contain that incident.
a vulnerability response
b incident response
c risk response
d threat response
B incident response
A ____ is a written document that states how an organization plans to protect the company’s information technology assets
a security policy
b guideline
c security procedure
d standard
A security policy
A ____ is a document that outlines specific requirements or rules that must be met
a procedure
b standard
c guideline
d policy
D policy
___ are generally considered to be the most important information security policies.
a acceptable use policies
b encryption policies
c data loss policies
d VPN policies
A acceptable use
A(n) ____ policy outlines how the organization uses personal information it collects
a VPN
b network
c encryption
d privacy
d privacy
A policy that addresses security as it relates to human resources is known as a(n) ____ policy
a VPN
b acceptable use
c security related human resource
d technical
c security related human resource
____ are values that are attributed to a system of beliefs that help the individual distinguish right from wrong
a morals
b ethics
c standards
d morays
A morals
____ can be defined as the study of what a group of people understand to be good and right behavior and how people make those judgments
a values
b morals
c ethics
d standards
C ethics
A(n) ____ policy is designed to produce a standardized framework for classifying information assets.
a VPN
b acceptable use
c privacy
d classification of information
D classification of information
____ networks are typically used for connecting devices on an ad hoc basis for file sharing of audio, video, and data, or real-time data transmission such as telephony traffic
a peer
b client-server
c P2P
d share
C P2P
The Web sites that facilitate linking individuals with common interests like hobbies, religion, politics, or school contacts are called ____ sites.
a social networking
b social engineering
c social management
d social control
a social networking
A(n) ____ approach is the art of helping an adult learn
a andragogical
b pedagogical
c deontological
d metagogical
a andragogical
____ learners learn through taking notes, being at the front of the class, and watching presentations
a kinesthetic
b auditory
c spatial
d visual
d visual
____ learners learn through a lab environment or other hands-on approaches
a visual
b auditory
c kinesthetic
d spatial
c kinesthetic
The TCP/IP architecture uses how many layers?
a seven
b six
c five
d four
four
Which of the following would not be a valid Internet Control Message Protocol (ICMP) error message?
a network unreachable
b host unreachable
c router delay
d destination network unknown
router delay
Each of the following attacks use Internet Control Message Protocol (ICMP) except _________.
a Smurf DoS attack
b ICMP redirect attack
c ping of death
d ICMP poisoning
D ICMP poisoning
Each of the following is a technique for securing a router except _____________.
a make all configuration changes remotely
b secure all ports
c use a meaningful router name
d set a strong administrator password
A make all configuration changes remotely
Which of the following is true regarding a flood guard?
a it is a separate hardware appliance that is located inside the DMZ
b it can be used on either local host systems or network devices
c it protects a router from password intrusions
d it prevents DoS or DDoS attacks
D it prevents DoS or DDoS attacks
Each of the following is a type of a network security hardware log except ______________.
a local host anti virus log
b NIDS and NIPS logs
c proxy server log
d firewall log
A local host anti virus log
Each of the following is an entry in a firewall log that should be investigated except _____________.
a IP addresses that are being rejected
b suspicious outbound connections
c IP addresses that are being dropped
d successful logins
D successful logins
If a group of users must be separated from other users, which is the most secure network design?
a use a VLAN
b connect them to different switches and routers
c use a subnet mask
d it is impossible to separate users on a network
B different switches and routers
Why is loop protection necessary?
a it denies attackers from launching DDoS attacks
b it prevents a broadcast storm that can cripple a network
c it must be installed before IEEE 802.1d can be implemented
d it makes a DMZ more secure
B prevents broadcast storm
What does MAC limiting and filtering do?
a limits devices that connect to a switch
b prevents address resolution protocol spoofing
c it provides security for a router
d allows only approved wireless devices to connect to a network
A limits devices that can connect to a switch
In a network using IEEE 802.1x, a supplicant ___________________.
a makes a request to the authenticator
b contacts the authentication server directly
c can only be a wireless device
d must use IEEE 802.11d to connect to the network
A makes the request to the authenticator
Which of the following is true regarding security for a computer that boots to Apple Mac OS X and then runs a Windows 7 virtual machine?
a The security of the Apple Mac OS X completely protects the Windows 7 virtual machine.
b The security of the Windows 7 virtual machine completely protects the Apple Mac OS X.
c The Windows 7 virtual machine needs its own security.
d The hypervisor protects both the Apple Mac OS X and Windows 7 operating systems
C the Windows 7 machine needs its own security
Which of the following is not an advantage of host virtualization?
a Penetration testing can be performed using a simulated network environment on a computer using multiple virtual machines.
b Only one copy of anti-virus software is needed.
c Security patches can be tested.
d Host operating system virtualization can be used for training purposes
B only one copy of anti virus software is needed
Which of the following is not a security concern of virtualized environments?
a Virtual machines must be protected from both the outside world and also from other virtual machines on the same physical computer.
b Virtual servers are less expensive than their physical counterparts.
c Live migration can immediately move one virtualized server to another hypervisor.
d Physical security appliances are not always designed to protect virtual systems
B virtual servers are less expensive than physical.
_____________ is adding digital voice clients and new voice applications onto the IP network
a voip
b ip telephony
c tcp/ip convergence
d voice packet consolidation (VPC)
B ip telephony
Which of the following is not a characteristic of cloud computing?
a limited client support
b on-demand self service
c immediate elasticity
d metered services
a limited client support
Bluetooth falls under the category of ______________
a local area network
b short area network
c paired device network
d personal area network
D personal area network PAN
A Bluetooth network that contains one master and at least one slave using the same RF channel forms a ______________.
a cluster
b grouping
c scatternet
d piconet
D piconet
___________ is the unauthorized access of information from a wireless device through a Bluetooth connection
a bluejacking
b bluetooth snatching
c bluetooth spoofing
d bluesnarfing
D bluesnarfing
The IEEE _______ standard specifies a maximum rated speed of 54 Mbps using the 5 GHz spectrum
a 801.11
b 802.11a
c 802.11b
d 802.11g
B 802.11a
Each of the following is an advantage of IEEE 802.11n except ____________.
a smaller coverage area
b faster speed
c less interference
d stronger security
A smaller coverage area
Which of the following is not found in a residential WLAN gateway?
a intrusion detection system
b firewall
c router
d DHCP
A intrusion detection system IDS
Which of the following is not a requirement for war driving?
a wireless nic adapter
b antennas
c gps receiver
d mobile computer device
c gps
The primary design of a(n) __________ is to capture the transmissions from legitimate users
a evil twin
b bluetooth grabber
c WEP
d rogue access point
D rogue access point
Which of the following is a vulnerability of MAC address filtering?
a the user must enter the MAC
b APs use IP addresses instead of MACs
c not all operating systems support MACs
d MAC addresses are initially exchanged between wireless devices and the AP in an unencrypted format
D
Each of the following is a limitation of turning off the SSID broadcast from an AP except ____________
a the SSID can easily be discovered, even when it is not contained in beacon frames, because it is still transmitted in other management frames sent by the AP.
b turning off the SSID broadcast may prevent users from being able to freely roam from one AP coverage area to another
d users can more easily roam from one WLAN to another
d
The primary weakness of wired equivalent privacy (WEP) is ________________.
a its usage creates a detectable pattern
b initialization vectors (IVs) are difficult for users to manage
c it only functions on specific brands of APs
d it slows down a WLAN from 104 Mbps to 16 Mbps
A its usage creates a detectable pattern.
The two models for personal wireless security developed by the Wi-Fi Alliance are Wi-Fi Protected Access (WPA) and _____________
a Protected Wireless Security (WPS)
b IEEE 802.11ai
c Postshared Key Protection (PKP)
d Wi-Fi Protected Access 2 (WPA2)
d wpa2
WPA replaces WEP with ____________.
a tkip
b crc
c mic
d wpa2
A tkip
A preshared key (PSK) of fewer than _____________ characters may be subject to an attack if that key is a common dictionary word
a six
b twelve
c sixteen
d twenty
D twenty
A WEP key that is 128 bits in length __________________.
a cannot be used on access points that use passphrases
b is less secure than a WEP key of 64 bits because shorter keys are stronger
c has an initialization vector (IV) that is the same length as a WEP key of 64 bits
d cannot be cracked because it is too long
C
AES-CCMP is the encryption protocol standard used in ____________.
a WPA2
b IEEE 802.11
c WPA
d Bluetooth
A
What is the Extensible Authentication Protocol (EAP)?
a A subnet of WPA2
b EAP is the protocol used in TCP/IP for authentication
c EAP is a framework for transporting authentication protocols
d A technology used by IEEE 802.11 for encryption
C
Which technology should be used instead of LEAP?
a STREAK
b LEAP-2
c REAP
d PEAP
D
Each of the following is a type of wireless AP probe except ____________.
a wireless device probe
b dedicated probe
c AP probe
d WNIC probe
D
The most flexible approach for a wireless VLAN is to have which device separate the packets?
a firewall
b AP
c NIC
d router
B
A RADIUS authentication server requires that the ________ be authenticated first.
a authentication server
b supplicant
c authenticator
d user
B
Each of the following make up the AAA elements in network security except __________.
a controlling access to network resources (authentication)
b enforcing security policies (authorization)
c determining user need (analyzing)
d auditing usage (accounting)
?
With the development of IEEE 802.1x port security, the authentication server _______ has seen even greater usage.
a RDAP
b DAP
c RADIUS
d AAA
C
___________ is an authentication protocol available as a free download that runs on Microsoft Windows 7/Vista, Windows Server 2008, Apple Mac OS X, and Linux
C
The version of the X.500 standard that runs on a personal computer over TCP/IP is ________.
a DAP
b LDAP
c IEEE X.501
d Lite RDAP
B
A user entering her user name would correspond to the ___________ action in access control.
a authentication
b identification
c authorization
d access
B
A process functioning on behalf of the user that attempts to access a file is known as a(n) __________.
a object
b subject
c resource
d operation check
B
The individual who periodically reviews security settings and maintains records of access by users is called the ____________.
a supervisor
b owner
c custodian
d manager
C
In the ___________ model, the end user cannot change any security settings.
a Discretionary Access Control
b Security Access Control
c Mandatory Access Control
d Restricted Access Control
C
Rule Based Access Control ____________.
a is considered obsolete today
b dynamically assigns roles to subjects based on rules
c is considered a real-world approach by linking a user’s job function with security
d requires that a custodian set all rules
B
Separation of duties requires that _____________.
a processes should be divided between two or more individuals
b end users cannot set security for themselves
c managers must monitor owners for security purposes
d jobs be rotated among different individuals
A
__________ in access control means that if a condition is not explicitly met then access is to be rejected.
a Denial of duties
b Implicit deny
c Explicit rejection
d Prevention control
B
A(n) _________ is a set of permissions that is attached to an object.
a access control list (ACL)
b Subject Access Entity (SAE)
c object modifier
d security entry designator
A
__________ is a Microsoft Windows feature that provides centralized management and configuration of computers and remote users who are using Active Directory.
a Windows Register Settings
b Group Policy
c Resource Allocation Entities
d AD Management Services (ADMS)
B
A(n) __________ constructs LDAP statements based on user inputs in order to retrieve information from the database or modify its contents.
a SQL/LDAP insert attack
b modified Trojan attack
c LDAP injection attack
d RBASE plug-in attack
C
The least restrictive access control model is ___________.
a Role Based Access Control (RBAC)
b Mandatory Access Control (MAC)
c Discretionary Access Control (DAC)
d Rule Based Access Control (RBAC)
C
The principle known as ________ in access control means that each user should only be given the minimal amount of privileges necessary for that person to perform their job function.
a Enterprise Security
b least privilege
c deny all
d Mandatory Limitations
B
A(n) ___________ is the person responsible for the information and determines the level of security needed for the data and delegates security duties as required.
a owner
b custodian
c end user
d administrator
A
In the Mandatory Access Control (MAC) model, every subject and object _____________.
a is restricted and cannot be accessed
b is assigned a label
c can be changed by the owner
d must be given a number from 200-900
B
A user account that has not been accessed for a lengthy period of time is called a(n) ___________ account.
a orphaned
b limbo
c static
d dormant
D
Each of the following is a type of authentication credential except ____________.
a what you have
b what you are
c what you discover
d what you know
C
Which of the following is not a reason why users create weak passwords?
a A lengthy and complex password can be difficult to memorize.
b A security policy requires a password to be changed regularly.
c Having multiple passwords makes it hard to remember all of them.
d Most sites force users to create weak passwords although they do not want to
D
Which of the following attacks on passwords requires the attacker to have physical access to the computer to insert a USB flash drive?
a Resetting
b Capturing
c Social engineering
d Online guessing
A
What is a hybrid attack?
a An attack that combines a dictionary attack with an online guessing attack
b A brute force attack that uses special tables
c An attack that slightly alters dictionary words
d An attack that uses both automated and user input
C
A token code is valid ______________.
a for as long as it appears on the device
b for up to 1 hour
c only for the user who possesses the device
d if it is longer than 8 characters
A
A token system that requires the user to enter the code along with a PIN is called a ___________.
a single-factor authentication system
b dual-prong verification system
c multi-factor authentication system
d token-passing authentication system
C
A ______________ is a U.S. Department of Defense (DoD) smart card that is used for identification for active-duty and reserve military personnel.
a Personal Identity Verification (PIV) card
b Government Smart Card (GSC)
c Secure ID Card (SIDC)
d Common Access Card (CAC)
D
Keystroke dynamics is an example of ________ biometrics.
a resource
b cognitive
c adaptive
d behavioral
D
Creating a pattern of when and from where a user accesses a remote Web account is an example of _____________.
a Time-Location Resource Monitoring (TLRM)
b keystroke dynamics
c cognitive biometrics
d computer footprinting
D
_____________ is a decentralized open source FIM that does not require specific software to be installed on the desktop.
a SSO Login Resource (SSO-LR)
b Windows CardSpace
c OpenID
d Windows Live ID
C
Which of the following human characteristics cannot be used for biometric identification?
a face
b weight
c fingerprint
d retina
B
__________ biometrics is related to the perception, thought processes, and understanding of the user.
a Standard
b Intelligent
c Behavioral
d Cognitive
D
Using one authentication credential to access multiple accounts or applications is known as ___________.
a credentialization
b identification authentication
c single sign-on
d federal login
C
A disadvantage of biometric readers is ____________.
a speed
b size
c cost
d standard
C