Reading...
Play button
Play button
Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
15 Cards in this Set
- Front
- Back
|
Enforcing minimum privileges for general system users can be easily achieved through the use of:
A. A.RBAC B. B.PRVMIN C. C.TSTEC D. D.IPSEC |
A. RBAC
Explanation: Ensuring least privilege requires identifying what the user's job is, determining the minimum set of privileges required to perform that job, and restricting the user to a domain with those privileges and nothing more. By denying to subjects transactions that are not necessary for the performance of their duties, those denied privileges couldn't be used to circumvent the organizational security policy. Although the concept of least privilege currently exists within the context of the TCSEC, requirements restrict those privileges of the system administrator. Through the use of RBAC (role based access control), enforced minimum privileges for general system users can be easily achieved. |
|
|
What process determines who is trusted for a given purpose?
A. Authorization B. Authentication C. Identification D. Accounting |
A. Authorization
Explanation: Authentication and identification are both related to determining who a user is. Typically authentication is performed prior to authorization, since except for cases of authorizing the activities of anonymous users (such as those viewing a web site), the system needs to know who the user is, before it is able to test for what the user is allowed to do. Accounting provides for the logging of system events, user activities, etc. |
|
|
Which of the following tools can you use to assess your network's vulnerability?
A. ISS B. Ballista C. SATAN D. No Answer is Correct |
A. ISS
B. Ballista C. SATAN Explanation: ISS, Ballista and SATAN are all vulnerability scanning tools. These tools look for the same sorts of system information and system vulnerabilities that crackers look for, when analyzing potential intrusion targets. They are often used during penetration tests, in which technicians attempt to carry out an intrusion on a network or a particular system. |
|
|
Which of the following services should be logged for security purpose?
A. bootp B. tftp C. sunrpc D. No Answer is Correct |
A. bootp
B. tftp C. sunrpc Explanation: Requests for the following services should be logged on all systems: systat, bootp, tftp, sunrpc, snmp, snmp-trap, nfs. This list is rather UNIX-centric, nevertheless, it's possible for many of those services to be running on Windows as well (if you're running them, log them!). |
|
|
An attack in which a duplicate MD5 hash to a message or document is known as a
A. Hash attack B. Birthday attack C. PGP attack D. All choices are correct E. No choice is correct |
D. All choices are correct
Explanation: This refers to the math paradox that as few as 23 or more people are gathered in a room, there are better than even odds that some pair of them will share a common birthday. MD5 attacks appear most often in searches. Birthday Attack |
|
|
An attack against an authentication server can be accomplished by
A. brute force attack B. dictionary attack C. a server without a failed login attempt counter enabled D. Teardrop attack |
A. brute force attack
B. dictionary attack C. a server without a failed login attempt counter enabled Explanation: Password guessing is easily accomplished with software programs (Asmodeus or L0phtCrack) designed for this exploit. The two common approaches are brute force and dictionary. |
|
|
Select the types of malicious code from the choices given
A. Viruses B. Trojan Horses C. Logic Bombs D. Worms E. Foxes |
A. Viruses
B. Trojan Horses C. Logic Bombs D. Worms Explanation: Viruses, Trojan Horses, Logic Bombs and Worms are all forms of malicious code. Keep in mind that each of these terms has a specific sub-domain in the Security+ objectives. |
|
|
What is the name of the attack that masquerades as one type of program but has hidden functions?
A. Worm B. Logic Bomb C. Virus D. Trojan Horse E. All are correct choices |
D. Trojan Horse
Explanation: Trojan horses are difficult to detect with IDS. They can be used for DDoS attacks. Sub Seven is a popular Trojan horse. A trojan horse tricks the user into installing the program when they think it is something else. |
|
|
What is the name of malicious code that does not require a host program and can replicate itself across a network?
A. Logic Bomb B. Trojan Horse C. Virus D. Worm E. No choice is correct |
D. Worm
Explanation: Unlike viruses and Trojan horses, a worm does not need a host. The most famous worms are the Morris worm and Code Red |
|
|
The type of attack that cannot be detected with any technology is
A. Robbery B. Social engineering C. Trojan Horse D. Worm E. DoS attack |
B. Social engineering
Explanation: Since social engineering is an attack on human nature against an authorized user it is not possible to detect with technology. |
|
|
Which of the following is a MUST have for all implementations of IPSec?
A. Security Association B. Security ID C. Serial number D. Version number |
B. Security ID
|
|
|
With IPSEC, in each encrypted session we can find ____________ SA(s).
A. A One B. Two C. Four D. Eight |
*B. Two
|
|
|
WEP offers
A. In theory, the same security that a wired LAN does B. Greater protection than a wired LAN C. Less protection than a wired LAN D. No choice is correct |
A. In theory, the same security that a wired LAN does
|
|
|
VPN provide
A. Access to a private LAN using a public infrastructure such as the Internet B. Two firms to conduct business, accessing private data areas using a public infrastructure such as the Internet C. All choices are correct D. No choice is correct |
C. All choices are correct
|
|
|
TACACS+ is an update to TACAS and is backwards compatible.
A. True B. False |
False
Despite the similarity of the Acronym’s TACACS+ is NOT compatible with TACAS (Terminal Access Controller Access Control System) |
