Study your flashcards anywhere!

Download the official Cram app for free >

  • Shuffle
    Toggle On
    Toggle Off
  • Alphabetize
    Toggle On
    Toggle Off
  • Front First
    Toggle On
    Toggle Off
  • Both Sides
    Toggle On
    Toggle Off
  • Read
    Toggle On
    Toggle Off
Reading...
Front

How to study your flashcards.

Right/Left arrow keys: Navigate between flashcards.right arrow keyleft arrow key

Up/Down arrow keys: Flip the card between the front and back.down keyup key

H key: Show hint (3rd side).h key

A key: Read text to speech.a key

image

Play button

image

Play button

image

Progress

1/100

Click to flip

100 Cards in this Set

  • Front
  • Back
301. Which of the following are tunneling protocols?

A. IPSec (Internet Protocol Security), L2TP (Layer Two Tunneling Protocol), and SSL (Secure Sockets Layer)
B. IPSec (Internet Protocol Security), L2TP (Layer Two Tunneling Protocol), and PPP (Point-to-Point Protocol)
C. L2TP (Layer Two Tunneling Protocol), PPTP (Point-to-Point Tunneling Protocol), and SSL (Secure Sockets Layer)
D. PPTP (Point-to-Point Tunneling Protocol), L2TP (Layer Two Tunneling Protocol), and IPSec (Internet Protocol Security)
D
302. What are TCP (Transmission Control Protocol) wrappers used for?
A. preventing IP (Internet Protocol) spoofing
B. controlling access to selected services
C. encrypting TCP (Transmission Control Protocol) traffic
D. sniffing TCP (Transmission Control Protocol) traffic to troubleshoot
B
303. Loki, NetCaZ, Masters Paradise and NetBus are all considered what type of attack?

A. brute force
B. spoofing
C. back door
D. man in the middle
C
304. Which protocol is used to negotiate and provide authenticated keying material for-security associations in a protected manner?

A. ISAKMP (Internet Security Association and Key Management Protocol)
B. ESP Incapsulating Security Payload) CompTiA SYO-101
C. SSH (Secure Shell)
D. SKEME (Secure Key Exchange Mechaniam)
A
305. An administrator wants to set up a system for an internal network that will examine all packets for known attack signatures. What type of system will be set up?

A. vulnerability scanner
B. packet filter
C. host based IDS (Intrusion Detection System)
D. network based IDS (Intrusion Detection System)
D
306. Which of the following steps in the SSL (Secure Sockets Layer) protocol allows for client and server authentication, MAC (Mandatory Acceas Control) and encryption algorithm negotiation, and selection of cryptographic keys?

A. SSL (Secure Sockets Layer) alert protocol
B. SSL (Secure Sockets Layer) change cipher spec protocol
C. SSL (Secure Sockets Layer) record protocol
D. SSL (Secure Sockets Layer) handshake protocol
D
307. What type of attack CAN NOT be detected by an IDS (Intrusion Detection System)?

A. DoS (Denial of Service)
B. exploits of bugs or hidden features
C. spoofed e-mail
D. port scan
C
308. A password management system designed to provide availability for a large number of users includes which of the following?

A. self service password resets
B. locally saved passwords
C. multiple access methods
D. synchronized passwords
A
309. What must be done to maximize the effectiveness of system logging?
A.encrypt log files
B. rotate log files
C. print and copy log files
D. review and monitor log files
D
310. Regarding security, biometrics are used for

A. accountability
B. certification
C. authorization
D. authentication
D
311. What fingerprinting technique relies on the fact that operating systems differ in the amount of information that is quoted when ICMP (Internet Control Message Protocol) errors are encountered?

A. TCP (Transmission Control Protocol) options
B. ICMP (Internet Control Message Protocol) error message quenching
C. Fragmentation handling
D. ICMP (Internet Control Message Protocol) message quoting
D
312. Which of the following is a popular VPN (Virtual Private Network) protocol operating at OSI (Open Systems Interconnect) model Layer 3?

A. PPP (Point-to-PointProtocol)
B. SSL (Secure Sockets Layer)
C. L2TP (Layer Two Tunneling Protocol)
D. IPSec (Internet Protocol Security)
D
313. Turnstiles, double entry doors and security guards are all prevention measures for what type of social enginering?

A. piggybacking
B. looking over a co-worker’s shoulder to retrieve information
C. looking through a co-worker’s trash to retrieve information
D. impersonation
A
314. What is the major reason that social engineering attacks succeed?

A. strong passwords are not required
B. lack of security awareness
C. multiple logins are allowed
D. audit logs are not monitored frequently
B
315. Which authentication protocol should be employed to encrypt passwords?

A. PPTP (Point-to-Point Tunneling Protocol)
B. SMTP (Simple Mail Transfer Protocol)
C. Kerberos
D. CHAP (Challenge Handshake Authentication Protocol)
D
316. NAT (Network Address Translation) can be accomplished with which of the following?

A. static and dynamic NAT (Network Address Translation) and PAT (Port Address Translation)
B. static and hide NAT (Network Address Translation)
C. static and hide NAT (Network Address Translation) and PAT (Port Address Translation)
D. static, hide, and dynamic NAT (Network Address Translation)
C
317. In order for an SSL (Secure Sockets Layer) connection to be established between a web client and server automatically, the web client and server should have a(n):

A. shared password
B. certificate signed by a trusted root CA (Certificate Authority)
C. address on the same subnet
D. common operating system
B
318. A mobile sales force requires remote connectivity in order to access shared files and e-mail on the corporate network. All employees in the sales department have laptops equipped with ethemet adapters. Some also have moderns. What is the best remote access solution to allow all sales employees to access the corporate network?

A. ISDN (Integrated Services Digital Network)
B. dial-up
C. SSL (Secure Sockets Layer)
D. VPN (Virtual Private Network)
D
319. An example of a physical access barrier would be

A. video surveillance
B. personnel traffic pattern management
C. security guard
D. motion detector
C
320. What media provides the best protection against electromagnetic interference?

A. coaxial cable
B. IJTP (DNShielded Twisted Pair)
C. STP (Shielded Twisted Pair)
D. fiber optic cable
D
321. Which of the following four critical functions of a VPN (Virtual Private Network) restricts users from using resources in a corporate network?

A. access control
B. authentication
C. confidentiality
D. data integrity
A
322. Of the following, what is the primary attribute associated with e-mail hoaxes?

A. E-mail hoaxes create unnecessary e-mail traffic and panic in non-technical users.
B. E-mail hoaxes take up large amounts of server disk space.
C. E-mail hoaxes can cause buflin overflows on the e-mail server.
D. E-mail hoaxes can encourage malicious users.
A
323. Most certificates used for authentication are based on what standard?

A. 1S019278
B. X.500
C. RFC 1205
D. X.509 v3
D
324. In order for User A to send User B an e-mail message that only User B can read, User A must encrypt the e-mail with which of the following keys?

A. User B’s public key
B. User B’s private key
C. User A’s public key
D. User A’s private key
A
325. What does the message recipient use with the hash value to verify a digital signature?

A. signer’s private key
B. receiver’s private key
C. signer’s public key
D. receiver’s public key
C
326. While surfing the Internet a user encounters a pop-up window that prompts the user to download abrowser plug-in. The pop-up window is a certificate which validates the identity of the plug-in developer. Which of the following best describes this type of certificate?

A. software publisher certificate
B. web certificate
C. CA (Certificate Authority) certificate
D. server certificate
A
327. The public key infrastructure model where certificates are issued and revoked via a
CA (Certificate Authority) is what type of model?

A. managed
B. distributed
C. centralized
D.standard
C
328. Company intranets, newsletters, posters, login banners and e-mails would be good tools to utilize in a security:

A. investigation
B. awareness program
C. policy review
D. control test
B
329. What is a network administrator protecting against by ingress/egress filtering traffic as follows:

Any packet coming into the network must not have a source address of the internal network. Any packet coming into the network must have a destination address from the internal netwoii Any packet leaving the network must have a source address from the internal network. Any packet leaving the network must not have a destination address from the internal networks Any packet coming into the network or leaving the network must not have a source or destination address of a private address or an address listed in RFC19lS reserved space.

A. SYN (Synchronize) flooding
B. spoofing
C. DoS (Denial of Service) attacks
D. dictionary attacks
B
330. When hosting a web server with CGI (Common Gateway Interface) scripts, the directories for public view should have:

A. execute permissions
B. read and write permissions
C. read, write, and execute permissions
D. full control permissions
A
331. When UserA applies to the CA (Certificate Authority) requesting a certificate to allow the start of communication with User B, User A must supply the CA (Certificate Authority) with

A. User A’s public key only
B. User B’s public key only
C. User A’s and User B’s public keys
D. User A’s and User B’s public and private keys
A
332. Which of the following most accurately describes a DMZ (Demilitarized Zone)?

A. an application program with a state that authenticates the user and allows the user to be categorized based on privilege
B. a network between a protected network and an external network in order to provide an additional layer of security
C. the entire area between the network of origin and the destination network
D. an application that allows the user to remove any offensive of an attacker
B
333. Privileged accounts are most vulnerable immediately after a:

A. successful remote login
B. privileged user is terminated
C. default installation is performed
D. full system backup is performed
C
334. A protocol specified in IEEE (Institute of Electrical and Electronics Engineers)
802.11b intended to provde a WLAN (Wireless Local AreaNetwork) with the level of security associated a WAN ( Wireless Local-Area Network) is:

A. WEP (Wired Equivalent Privacy)
B. ISSE (Information Systems Security Engineering)
C. ISDN (tntegrated Services Digital Network)
D. VPN (Virtual Private Network)
A
335. SSL (Secure Sockets Layer) operates between which two layers of the OSI (Open Systems Interconnection) model?

A. application and transport
B. transport and network
C. network and data link CompTIA SYO-1O1
D. data link and physical
A
336. A network attack that misuses TCP’s (Transmission Control Potocol) three way handshake to overload servers and deny access to legitimate users is called a:

A. man in the middle
B. smurf
C. teardrop
D. SYN
D (Synchronize)
337. What are the three entities of the SQL (Structured Query Language) security model?

A. actions, objects and tables
B. actions, objects and users
C. tables, objects and users
D. users, actions and tables
B
338. Which is of greatest importance when considering physical security?

A. reduce overall opportunity for an intrusion to occur
B. make alarm identification easy for security professionals
C. barricade all entry points against unauthorized entry
D. assess the impact of crime zoning and environmental considerations in the overall design
A
339. The flow of packets traveling through routers can be controlled by implementing what type of security mechanism?

A. ACLs (Access Control List)
B. fault tolerance tables
C. OSPF (Open Shortest Path First) policy
D. packet locks
A
340. Clients in Company A can view web sites that have been created for them, but CAN NOT navigate in them. Why might the clients not be able to navigate in the sites?

A. The sites have improper permissions assigned to them.
B. The server is in a DMZ (Demilitarized Zone).
C. The sites have IP (Internet Protocol) filtering enabled.
D. The server has heavy traffic.
A
341. The goal of TCP (Transmission Control Protocol) hijacking is:

A. taking over a legitimate TCP (Transmission Control Protocol) connection
B. predicting the TCP (Transmission Control Protocol) sequence number
C. identifying the TCP (Transmission Control Protocol) port for future exploitation
D. identifying source addresses for malicious use
A
342. The system administrator has just used a program that highlighted the susceptibility of several servers on the network to various exploits. The program also suggested fixes. What type of program was used?

A. intrusion detection
B. port scanner
C. vunerability scanner
D. Trojan scanner
C
343. A password security policy can help a system administrator to decrease the probability that a password can be guessed by reducing the password’s:

A. length
B. lifetime
C. encryption level
D. alphabet set
B
344. How can an e-mail administrator prevent malicious users from sending e-mails from non-existent domains?

A. enable DNS (Domain Name Service) reverse lookup on the e-mail server
B. enable DNS (Domain Name Service) forward lookup on the e-mail server
C. enable DNS (Domain Name Service) recursive queries on the DNS (Domain Name Service) server
D. enable DNS (Domain Name Service) reoccuring queries on the DNS (flomain Name Service) server
A
345. TCP/IP Transmission Control Protocol/Internet Protocol) hijacking resulted from exploitation of the fact that TCP/IP (Transmission Control Protocol/Internet Protocol):

A. has no authentication mechanism, thus allowing a cleartext password of 16 bytes
B. allows packets to be tunneled to an alternate network
C. has no authentication mechanism, and therefore allows connectionless packets from anyone
D. allows a packet to be spoofed and inserted into a stream, thereby enabling commands to be executed on the remote host
D
346. Intruders are detected accessing an internal network The source IP (Internet Protocol) addresses originate from trusted networks. The most comomon type of attack in this scenario is:

A. social engineering
B. TCP/IP hijacking
C. smurfing
D. spoofing
D
347. Which of the following is used to authenticate and encrypt IP (Internet Protocol) traffic?

A. ESP (Encapsulating Security Payload)
B. S/MIME (Secure Multipurpose Internet Mail Extensions)
C. IPSec (Internet Protocol Security)
D. IPv2 (Internet Protocol version 2)
C
348. An administrator is configuring a server to make it less susceptible to an attacker obtaining the user account passwords. The administrator decides to have the encrypted passwords contained within a file that is readable only by root. What is a common name for this file?

A. passwd
B. shadow
C. hosts.allow
D. hosts.deny
B
349. Which of the following is the best IDS (Intrusion Detection System) to monitor the-entire network?

A. a network based IDS (Intrusion Detection System)
B. a host based IDS (Intrusion Detection System)
C. a user based IDS (Intrusion Detection System)
D. a client based IDS (Intrusion Detection System)
A
350. SSL (Secure Sockets Layer) session keys are available in what two lengths?

A. 40-bit and 64-bit
B. 40-bit and 128-bit
C. 64-bit and 128-bit
D. 128-bit and 1,024-bit
B
351. One of the primary concerns of a centralized key management system is that?

A. keys must be stored and distributed securely
B. certificates must be made readily available
C. the key repository must be publicly accessible
D. the certificate contents must be kept confidential
A
352. An extranet would be best defined as an area or zone:

A. set aside for a business to store extra servers for internal use
B. accessible to the general public for accessing the business’ web site
C. that allows a business to securely transact with other businesses
D. added after the original network was built for additional storage
C
353. What standard security protocol provides security and privacy in a WLAN (Wireless Local Area Network)?

A. SWP (Secure WLAN Protocol)
B. WEP (Wired Equivalent Privacy)
C. SSL (Secure Sockets Layer)
D. S/MIME (Secure Multipurpose Internet Mail Extensions)
B
354. What port scanning technique is used to see what ports are in a listening state and then performs atwo way handshake?

A. TCP (transmission Control Protocol) SYN (Synchronize) scan
B. TCP (transmission Control Protocol) connect scan
C. TCP (transmission Control Protocol) fin scan
D. TCP (transmission Control Protocol) null scan
A
355. Performing a security vulnerability assessment on systems that a company relies on demonstrates:

A. that the site CAN NOT be hacked
B. a commitment to protecting data and customers
C. insecurity on the part of the organization
D. a needless fear of attack
B
356. The best reason to perform a business impact analysis as part of the business continuity planning process is to:

A. test the veracity of data obtained from risk analysis
B. obtain formal agreement on maximum tolerable downtime
C. create the framework for desiguing tests to determine efficiency of business continuity plans
D. satisfy documentation requirements of insurance companies covering risks of systems and data important for business continuity
B
357. A FTP (File Transfer Protocol) bounce attack is generally used to:

A. exploit a buffer overflow vulnerability on the FTP (File Transfer Protocol) server
B. reboot the FTP (File Transfer Protocol) server
C. store and distribute malicious code
D. establish a connection between the FTP (File Transfer Protocol) server and another computer
D
358. E-mail servers have a configuration choice which allows the relaying of messages from one e-mail server to another. An e-mail server should be configured to prevent e-mail relay because:

A. untraceable, unwanted e-mail can be sent
B. an attacker can gain access and take over the server
C. confidential information in the server’s e-mail boxes can be read using the relay
D. the open relay can be used to gain control of nodes on additional networks
A
359. S/MIME (Secure Multipurpose Internet Mail Extensions) is used to:

A. encrypt user names and profiles to ensure privacy
B. encrypt messages and files
C. encrypt network sessions acting as a VPN (Virtual Private Network) client
D. automatically encrypt all outbound messages
B
360. A security designer is planning the implementation of security mechanisms in a RBAC (Role Based Access Control) compliant system. The designer has determined that there are three types of resources in the system inclading files, printers, and mailboxes. The organization has four distinct departments with distinct functions including Sales, Marketing, Management, and Production. Each department needs access to different resources. Each user has a workstation. Which roles should be created to support the REAC (Role Based Access Control) model?

A. file, printer, and mailbox roles
B. sales, marketing, management, and production roles
C. user and workstation roles
D. allow access and deny access roles
B
361. A network administrator is having difficulty establishing a L2TP (Layer Two Tunneling Protocol) VPN (Virtual Private Network) tunnel with IPSec (Internet Protocol Security) between a remote dial-up client and the firewall, through a perimeter router. The administrator has confirmed that the cient's and firewall’s IKE (Internet Key Exchange) policy and IPSec (Internet Protocol Security) policy are identical. The appropriate L2TP (Layer Two Tunneling Protocol) and IKE (Internet Key Exchange) transport layer ports have also been allowed on the perimeter router and firewall.

What additional step must be performed on the perimeter router and firewall to allow (Authentication Header) and ESP (Encapsulating Security Payload) tunnel-encapsulated IPSec (Internet Protocol Security) traffic to flow between the client and the firewall?


A. configure the perimeter router and firewall to allow inbound protocol number 51 for ESP (Encapsulating Security Payload) encapsulated IPSec (Internet Protocol Security) traffic
B. configure the perimeter router and firewall to allow inbound protocol number 49 for ESP (Encapsulating Security Payload) and All (Authentication Header) encapsulated IPSec (Internet Protocol Security) traffic.

C. configure the perimeter router and firewall to allow inbound protocol numbers 50 and 51 for ESP (Encapsulating Security Payload) and AH (Authentication Header) encapsulated IPSec (Internet Protocol Security) traffic.

D. configure the perimeter router and firewall to allow inbound protocol numbers 52 and 53 for AH (Authentication Header) and ESP (Encapsulating SecurityPayload) encapsulated IPSec (Internet Protocol Security) traffic
C
362. What is the best method of reducing vuneralbility from dumpster diving?

A. hire additional staff
B. destroy papers and other media
C. install surveillance
D. empty trash can frequently
B
363. One characteristic of biometrics is:

A. it does not require a password
B. it is 100% effective
C. false positives are rare
D. false negatives are rare
A
364. As a security administrator, what are the three categories of active responses relating to intrusion detection?

A. collect additional information, maintain the environment, and take action against the intruder

B. collect additional information, maintain the environment, and take action against the intruder

C. collect additional information, change the environment, and take action against the intruder

D. discard any additional information, change the environment, and take action against the intruder
C
365. Intrusion detection systems typically consist of two parts, a console and a:

A. sensor
B. router
C. processor
D. firewall
A
366. The owner of a file modifies the security settings of that file on the servers to
limit access to specific individuals. Which method of security is being applied?

A. MAC (Mandatory Access Control)
B. DAC (Discretionary Acess Control)
C. SAC (Subject Access Control)
D. RBAC (Role Based Access Control)
B
367. A block cipher is an example of which of the following encryption algorithms?

A. asymmetric key
B. public key
C. symmetric key
D. unkeyed
C
368. What is the best defense against man in the middle?

A. a firewall
B. strong encryption
C. strong authenication
D. strong passwords
B
369. There are a number of ports in TCP/IP that can be scanned, exploited or
attacked. How many ports are vunerable to such operations?

A. 32
B. 1,024
C. 65,535
D. 16,777,216
C
370. Which of the following makes a token based authentication system very diffult
to attack?

A. a token uses a digital certificates
B. a token is something that is physically possessed
C. a token can only be used once
D. a token can only be used by the intended owner.
B
371. What are the 4 major components of ISAKMP?
(Internet Security Association and Key Management Protocol)

A. authentication of peers, threat management, communication management, and cryptographic key establishment.
B. authentication of peers, threat management, communication management, and cryptographic key establishment.
C. authentication of peers, threat management, security association creation and management, cryptographic key establishment and management.
D. authentication of peers, threat management, security association creation, and cryptographic key establishment.
C
372. A major difference between a worm and a Trojan horse is :

A. worms are spread via e-mail and Trojans are not
B. worms are self replicating and Trojans are not
C. worms are a form malicious code and Trojans are not
D. there is no difference
B
373. When a user digitally signs a document an asymmetric algorithm is used to encrypt:

A. secret passkeys
B. file contents
C. certificates
D. hash results
D
374. The main purpose of digital certificates is to securely bind a:

A. public key to the identity of the signer and recipient
B. private key to the identity of the signer and recipient
C. public key to the entity that holds the corresponding private key
D. private key to the entity that holds the corresponding public key
C
375. What protocol should be used to prevent intruders from using access points on a wireless network?

A. ESP (Encapsulating Security Payload)
B. WEP (Wired Equivalent Privacy)
C. TLS (Transport Layer Security)
D. SSL (Secure Sockets Layer)
B
376. What are two common methods when using a public key infrastructure for maintaining access to servers in a network?



A. ACL and PGP.
B. PIM and CRL.
C. CRL and OCSP.
D. RSA and MD2
C
377. Missing audit log entries most seriously affect an organization's ability to:

A. Recover destroyed data.
B. Legally prosecute an attacker.
C. Evaluate system vulnerabilities.
D. Create reliable system backups.
B
378. File encryption using symmetric cryptography satisfies what security requirement?



A. Confidentiality
B. Access control
C. Data integrity
D. Authentication
D
379. Dave is increasing the security of his Web site by adding SSL (Secure Sockets Layer).
Which type of encryption does SSL use?



A. Asymmetric
B. Symmetric
C. Public Key
D. Secret
B
380. During the digital signature process, asymmetric cryptography satisfied what security requirement?



A. Confidentiality
B. Access control
C. Data integrity
D. Authentication
D
381. Which of the following is NOT a characteristic of DEN (Directory Enabled Networking)?



A. It is mapped into the directory defined as part of the LDAP (Lightweight Directory Access Protocol).
B. It is inferior to SNMP (Simple Network Management Protocol).
C. It is an object oriented information model.
D. It is an industry standard indicating how to construct and store information about a network's users, applications and data.
B
382. What would NOT improve the physical security of workstations?


A. Lockable cases, keyboards, and removable media drives.
B. Key or password protected configuration and setup.
C. Password required to boot.
D. Strong passwords.
D
383. Which of the following is a popular VPN (Virtual Private Network) protocol operating at OSI (Open Systems Interconnect) model Layer 3?


A. PPP (Point-to-Point Protocol)
B. SSL (Secure Sockets Layer)
C. L2TP (Layer Two Tunneling Protocol)
D. IPSec (Internet Protocol Security)
D
384. Which of the following describes the concept of data integrity?



A. A means of determining what resources a user can use and view.
B. A method of security that ensures all data is sequenced, and numbered.
C. A means of minimizing vulnerabilities of assets and resources.
D. A mechanism applied to indicate a data's level of security.
B
385. The best protection against the abuse of remote maintenance of PBX (Private Branch Exchange) system is to:


A. Keep maintenance features turned off until needed
B. Insists on strong authentication before allowing remote maintenance
C. Keep PBX (Private Branch Exchange) in locked enclosure and restrict access to only a few people.
D. Check to see if the maintenance caller is on the list of approved maintenance personnel
B
386. You are the first person to arrive at a crime scene. An investigator and crime scene technician arrive afterwards to take over the investigation.
Which of the following tasks will the crime scene technician be responsible for performing?


A. Ensure that any documentation and evidence they possessed is handled over to the investigator.
B. Re-establish a perimeter as new evidence presents itself.
C. Establish a chain of command.
D. Tag, bag, and inventory evidence.
D
387. Forensic procedures must be followed exactly to ensure the integrity of data obtained in an investigation.
When making copies of data from a machine that us being examined, which of the following tasks should be done to ensure it is an exact duplicate?


A. Perform a cyclic redundancy check using a checksum or hashing algorithm.
B. Change the attributes of data to make it read only.
C. Open files on the original media and compare them to the copied data.
D. Do nothing. Imaging software always makes an accurate image.
A
388. Privileged accounts are most vulnerable immediately after a:

A. Successful remote login.
B. Privileged user is terminated.
C. Default installation is performed.
D. Full system backup is performed.
C
389. Which tunneling protocol only works on IP networks?


A. IPX
B. L2TP
C. PPTP
D. SSH
C
390. One of the factors that influence the lifespan of a public key certificate and its associated keys is the:

A. Value of the information it is used to protect.
B. Cost and management fees.
C. Length of the asymmetric hash.
D. Data available openly on the cryptographic system.
A
391. Users who configure their passwords using simple and meaningful things such as pet names or birthdays are subject to having their account used by an intruder after what type of attack?


A. Dictionary attack
B. Brute Force attack
C. Spoofing attack
D. Random guess attack
E. Man in the middle attack
F. Change list attack
G. Role Based Access Control attack
H. Replay attack
I. Mickey Mouse attack
A
392. What port does TACACS use?


A. 21
B. 161
C. 53
D. 49
D
393. What is the advantage of a multi-homed firewall?


A. It is relatively inexpensive to implement.
B. The firewall rules are easier to manage.
C. If the firewall is compromised, only the systems in the DMZ (Demilitarized Zone) are exposed.
D. An attacker must circumvent two firewalls.
A
394. What type of attack CANNOT be detected by an IDS (Intrusion Detection System)?


A. DoS (Denial of Service)
B. Exploits of bugs or hidden features
C. Spoofed e- mail
D. Port scan
C
395. By definition, how many keys are needed to lock and unlock data using symmetric- key encryption?


A. 3+
B. 2
C. 1
D. 0
C
396. Data integrity is best achieved using a(n)

A. Asymmetric cipher
B. Digital certificate
C. Message digest
D. Symmetric cipher
C
397. Which of the following correctly identifies some of the contents of an user's X.509 certificate?

A. User's public key, object identifiers, and the location of the user's electronic identity.
B. User's public key, the CA (Certificate Authority) distinguished name, and the type of symmetric algorithm used for encryption.
C. User's public key, the certificate's serial number, and the certificate's validity dates.
D. User's public key, the serial number of the CA (Certificate Authority) certificate, and the CRL (Certificate Revocation List) entry point.
C
398. SSL uses which port?

A. UDP 443
B. TCP 80
C. TCP 443
D. UDP and TCP 445
C
399. Which of the following is an asymmetric cryptographic algorithm?

A. AES
B. EIGamal
C. IDEA
D. DES
B
400. The Bell La-Padula access control model consists of four elements. These elements are

A. subjects, objects, roles and groups.
B. read only, read/write, write only and read/write/delete.
C. subjects, objects, access modes and security levels.
D. groups, roles, access modes and security levels.
C