32 Cards in this Set


1. You hear a reference to the rainbow series. What is it referring to?
a. A reference to a cartoon show
b. An attack against high-color video cards
c. A series of early DoD security standards
d. A set of pre-computed hash tables for hacking passwords
Answer: c. A series of early DoD security standards (the Orange Book, TCSEC, and its companion volumes). Option d describes rainbow tables, an unrelated password-cracking technique.

2. The primary advantage of symmetric key encryption is:
a. Key exchange
b. Speed
c. Nonrepudiation
d. Cost
Answer: b. Speed. Symmetric ciphers are far faster than public-key operations, which is why protocols use asymmetric cryptography only to exchange or wrap a symmetric key; key exchange and nonrepudiation are the weaknesses of symmetric encryption, not its strengths.

3. Which of the following are block-based symmetric algorithms? (Choose all that are correct.)
a. RSA
b. 3DES
c. AES
d. MD5
Answer: b. 3DES and c. AES. RSA is an asymmetric algorithm and MD5 is a hash function, not a cipher.

4. Which of the following items are not standard fields on an X.509 certificate?
a. Serial Number
b. Reason for Revocation
c. Certificate Usage
d. Version Number
Answer: b. Reason for Revocation. A revocation reason is carried in a CRL entry (the reasonCode extension) or an OCSP response, never in the certificate itself; serial number and version are mandatory certificate fields, and usage is expressed through the keyUsage and extendedKeyUsage extensions.

5. You are a member of a team that is going to perform a forensics capture of a desktop PC that is turned off. Which is the best order of capture?
a. Boot the system, RAM, hard drive
b. Boot the system, hard drive, BIOS settings
c. Hard drive, BIOS settings, external media
d. Boot the system, hard drive, thumb drive
Answer: c. Hard drive, BIOS settings, external media. The machine is already off, so there is no volatile memory left to save, and booting it would write to the disk (journal updates, temporary files, timestamps) and alter the evidence. Image the drive through a write blocker first, then record the BIOS settings (clock, boot order, drive configuration), then capture any external media.

6. The new trend of "bring your own device" (BYOD) to work is a further example of what?
a. De-perimeterization
b. Expanding enterprise standard operating environment
c. SLAs
d. Managed security services
Answer: a. De-perimeterization

7. The components of a PKI include all of the following except:
a. Certificate Authority (CA)
b. Validation Authority (VA)
c. Registration Authority (RA)
d. X.509 certificates
Answer: b. Validation Authority (VA)

8. OCSP is best described as:
a. A replacement for standard PKI, taking advantage of Web 2.0 capabilities
b. An alternative to the X.509 certificate format
c. A service for transferring certificates securely between parties
d. An alternative to certificate revocation lists
Answer: d. An alternative to certificate revocation lists. An OCSP responder answers a status query (good, revoked, unknown) for a single certificate serial number, so the client does not have to download and search a complete CRL.

9. Entropy is important in encryption because:
a. Increasing apparent randomness in plaintext can reduce patterns that might enable some forms of differential cryptographic attack.
b. It is a measure of the strength of an algorithm and key.
c. Increasing entropy increases the speed of encryption and decryption.
d. Entropy creates a random seed or initialization vector for the algorithm.
Answer: a. Increasing apparent randomness in plaintext can reduce patterns that might enable some forms of differential cryptographic attack.

10. Which two elements must exist to ensure perfect forward secrecy?
a. Keys are not reused; new keys cannot be derived from existing keys.
b. Keys are not reused; new keys use a different algorithm.
c. Only AES can offer perfect forward secrecy.
d. Keys must be stored in a TPM chip.
Answer: a. Keys are not reused; new keys cannot be derived from existing keys. Each session key comes from a fresh, ephemeral key exchange, so compromising the long-term key or any one session key does not expose earlier traffic.

11. Which of the following authentication types is used primarily to authenticate users through the use of tickets?
a. LDAP (Lightweight Directory Access Protocol)
b. RADIUS (Remote Authentication Dial-In User Service)
c. TACACS+ (Terminal Access Controller Access-Control System Plus)
d. Kerberos
Answer: d. Kerberos. The KDC issues a ticket-granting ticket (TGT) at logon and a service ticket for each server the user contacts; the other three are directory or AAA protocols and do not use tickets.

12. A company named NEC has recently completed the connection of its network to a national high-speed private research network. Local businesses in the area are seeking sponsorship from Company NEC to connect to the high-speed research network by directly connecting through Company NEC's network. Company NEC's Chief Information Officer (CIO) believes that this is an opportunity to increase revenues and visibility for the company, as well as promote research and development in the area.
Which of the following must Company NEC require of its sponsored partners in order to document the technical security requirements of the connection?
a. SLA (service level agreement)
b. ISA (interconnection security agreement)
c. NDA (nondisclosure agreement)
d. BPA (business partnership agreement)
Answer: b. ISA (interconnection security agreement)

13. Your organization is considering migrating a group of 100 physical servers to a virtualized infrastructure using a 5:1 consolidation ratio. If each of the physical servers costs $0.50 a day to power and cool, and the virtual servers will cost $2.25 a day to power and cool, how much money every 30 days will your organization save in power and cooling costs by virtualizing?
a. $50.25
b. $110.00
c. $150.00
d. $155.25
Answer: c. $150.00. Today: 100 physical servers × $0.50 = $50.00 per day. After 5:1 consolidation there are 20 virtual hosts × $2.25 = $45.00 per day. The saving is $5.00 per day, or $150.00 every 30 days.

14. Double-tagging takes advantage of the backward-compatibility features of what protocol?
a. 802.1X
b. 802.1Q
c. 802.1e
d. 802.1w
Answer: b. 802.1Q (VLAN tagging and trunking). Frames in a trunk's native VLAN are sent untagged so that devices that do not understand tags can still use the link; when the first switch strips the outer (native) tag, the attacker's inner tag becomes visible to the next switch.

15. You've just learned that the records of your customer relationship management software are contained in the same database as the forum posts for an automotive enthusiast chat board.
What attack method may allow unauthorized personnel to access your data through the automotive forum if their application does not filter user input and the database is not properly configured?
a. Unvalidated redirects and forwards
b. Insecure direct object references
c. SQL injection
d. Session hijacking
Answer: c. SQL injection
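The card describes two failures that combine: the forum splices user input into SQL, and the database holds the CRM rows where that SQL can reach them. The example below is added here to show both halves in working code; it is not from the original page or from any real forum product. It uses Python's bundled sqlite3 module with a constructed schema and sample rows; the table names, the attacker's UNION payload and the search functions are all assumptions made for the demonstration.

```python
import sqlite3

# Constructed sample schema: the forum and the CRM share one database, as in the card.
def build_shared_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE forum_posts (id INTEGER PRIMARY KEY, author TEXT, body TEXT);
        CREATE TABLE crm_customers (id INTEGER PRIMARY KEY, name TEXT, card_last4 TEXT);
        INSERT INTO forum_posts (author, body) VALUES
            ('alice', 'Anyone rebuilt a 1967 Mustang carburetor?'),
            ('bob',   'Mustang brake upgrade recommendations');
        INSERT INTO crm_customers (name, card_last4) VALUES
            ('Carol Example', '4242'),
            ('Dan Example',   '1881');
    """)
    return conn

def search_posts_vulnerable(conn: sqlite3.Connection, term: str) -> list:
    """Forum search that splices user input straight into the SQL text (vulnerable)."""
    sql = "SELECT author, body FROM forum_posts WHERE body LIKE '%" + term + "%'"
    return conn.execute(sql).fetchall()

def search_posts_safe(conn: sqlite3.Connection, term: str) -> list:
    """Same search with a bound parameter: the input can never change the query shape."""
    sql = "SELECT author, body FROM forum_posts WHERE body LIKE ?"
    return conn.execute(sql, ("%" + term + "%",)).fetchall()

# Constructed attacker input. The quote closes the LIKE literal, UNION appends a second
# SELECT with the same column count against the CRM table, and the trailing comment
# swallows the rest of the original query text.
UNION_PAYLOAD = "x%' UNION SELECT name, card_last4 FROM crm_customers --"

def demo() -> dict:
    conn = build_shared_db()
    return {
        # The vulnerable search returns CRM names and card digits instead of forum posts.
        "leaked_via_forum": sorted(search_posts_vulnerable(conn, UNION_PAYLOAD)),
        # The parameterised search treats the same payload as a literal and finds nothing.
        "safe_same_input": search_posts_safe(conn, UNION_PAYLOAD),
        # ...while still working as a search for ordinary input.
        "safe_normal_search": len(search_posts_safe(conn, "Mustang")),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

Parameter binding removes the injection, but the card's second condition still matters: SQLite has no per-table privileges, and in a server RDBMS the forum's database account should have no rights on the CRM schema (or the CRM should live in a separate database), so that a future injectable query has nothing sensitive to UNION against.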

16. A security analyst at Extra.com has been trying to convince the Information Security Officer (ISO) to allocate budget towards the purchase of a new intrusion prevention system (IPS) capable of analyzing encrypted web transactions.
Which of the following should the analyst provide to the ISO to support the request? (Select TWO.)
a. Emerging threat reports
b. Company attack trends
c. Request for Quote (RFQ)
d. Best practices
e. New technologies report
Answer: a. Emerging threat reports and b. Company attack trends

17. The security administrator is receiving numerous alerts from the internal IDS of a possible virus infection spreading through the network via the Windows file sharing services. Given the size of the company, which deploys over 30,000 workstations and 2,000 servers, the security engineer believes that the best course of action is to block the file sharing service across the organization by placing ACLs on the internal routers.
Which of the following should the security administrator do before applying the ACL?
a. Quickly research best practices with respect to stopping the virus infections and implement the solution.
b. Consult with the rest of the security team and get approval on the solution by all the team members and the team manager.
c. Apply the ACL immediately since this is an emergency that could lead to a widespread data compromise.
d. Call an emergency change management meeting to ensure the ACL will not impact core business functions.
Answer: d. Call an emergency change management meeting to ensure the ACL will not impact core business functions.

18. Which of the following is a primary difference between a storage area network (SAN) and network-attached storage (NAS)?
a. A NAS is usually larger and provides access to more storage.
b. A NAS uses Ethernet for connectivity whereas a SAN does not.
c. A NAS is a device whereas a SAN is a dedicated network.
d. A SAN only provides file-based access.
Answer: c. A NAS is a device whereas a SAN is a dedicated network

19. Which of the following is a best practice for configuring logical unit numbers (LUNs) on a SAN?
a. Allowing direct Internet access to the SAN
b. Masking LUNs so users can only see the LUNs they are supposed to see
c. Allowing authenticated users access to all LUNs in your organization
d. Routing traffic to the SAN across the network used for VoIP traffic
Answer: b. Masking LUNs so users can only see the LUNs they are supposed to see. LUN masking is enforced on the storage array per host initiator and is normally paired with zoning on the fabric switches.

20. In reference to a logical disk within a SAN, the term LUN stands for:
a. Local unit network
b. Logical unit network
c. Logical unit number
d. Local unit number
Answer: c. Logical unit number

21. The two main benefits of multipath are:
a. Minimal hardware requirements and increased capacity
b. Load balancing and custom traffic filtering
c. Availability and security
d. Reliability through redundancy and increased performance
Answer: d. Reliability through redundancy and increased performance

22. A business is currently in the process of upgrading its network infrastructure to accommodate a personnel growth of over fifty percent within the next six months. All preliminary planning has been completed and a risk assessment plan is being adopted to decide which security controls to put in place throughout each phase.
Which of the following risk responses is MOST likely being considered if the business is creating an SLA with a third party?
a. Accepting risk
b. Mitigating risk
c. Identifying risk
d. Transferring risk
Answer: d. Transferring risk

23. A company contracts with a third party to develop a new web application to process credit cards. Which of the following assessments will give the company the GREATEST level of assurance for the web application?
a. Social engineering
b. Penetration test
c. Vulnerability assessment
d. Code review
Answer: d. Code review

24. Which of the following is the MOST cost-effective solution for sanitizing a DVD with sensitive information on it?
a. Write over the data
b. Purge the data
c. Incinerate the DVD
d. Shred the DVD
Answer: d. Shred the DVD. Optical media cannot be overwritten or degaussed, and shredding is cheaper than incineration.

25. Transaction Signature (TSIG) is used for:
a. Sharing public keys between DNS servers
b. Authenticating updates to a dynamic DNS database
c. Validating requests for DNS resolution
d. Using a one-way hashing function to timestamp packets
Answer: b. Authenticating updates to a dynamic DNS database. TSIG (RFC 8945) appends an HMAC computed with a shared secret to a DNS message and is used for dynamic updates and for zone transfers between servers; it does not distribute public keys (that is DNSSEC) and is not normally used for ordinary client resolution.
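To make the card's answer concrete, the following added example (not part of the original page, and not the code of BIND, Knot or any other DNS server) computes and verifies a TSIG MAC the way RFC 8945 defines it for a request: HMAC over the DNS message followed by the TSIG variables (key name, class ANY, TTL 0, algorithm name, 48-bit time signed, fudge, error, other data). The key name, secret, the constructed UPDATE message and the timestamps are assumptions for the demonstration; the TSIG resource record that a real client appends to the additional section, and the message-ID handling around it, are left out.

```python
import hmac
import hashlib
import struct

# Constructed shared secret and key name; a real deployment generates the secret with a
# tool such as tsig-keygen and configures the same secret on both the client and server.
KEY_NAME = "ddns-key.example.com."
KEY_SECRET = b"constructed-shared-secret-not-for-real-use"
ALGORITHM = "hmac-sha256."          # TSIG algorithm name, RFC 8945 section 6

def wire_name(name: str) -> bytes:
    """Uncompressed, lowercased DNS wire-format name (the canonical form TSIG digests)."""
    out = b""
    for label in name.rstrip(".").lower().split("."):
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"

def build_update_message(msg_id: int = 0x1234) -> bytes:
    """Constructed DNS UPDATE: add host.example.com A 192.0.2.10 to zone example.com."""
    header = struct.pack("!HHHHHH", msg_id, 0x2800, 1, 0, 1, 0)   # opcode 5 = UPDATE
    zone = wire_name("example.com.") + struct.pack("!HH", 6, 1)    # SOA, IN
    rr = (wire_name("host.example.com.")
          + struct.pack("!HHIH", 1, 1, 300, 4)                      # A, IN, TTL 300, RDLEN 4
          + bytes([192, 0, 2, 10]))
    return header + zone + rr

def tsig_variables(key_name: str, time_signed: int, fudge: int,
                   error: int = 0, other: bytes = b"") -> bytes:
    """The TSIG RR fields covered by the MAC (RFC 8945 section 4.3.3)."""
    return (wire_name(key_name)
            + struct.pack("!HI", 255, 0)                                  # CLASS ANY, TTL 0
            + wire_name(ALGORITHM)
            + struct.pack("!HI", time_signed >> 32, time_signed & 0xFFFFFFFF)  # 48-bit time
            + struct.pack("!HHH", fudge, error, len(other))
            + other)

def tsig_sign(secret: bytes, message: bytes, key_name: str,
              time_signed: int, fudge: int = 300) -> bytes:
    """MAC for a request: HMAC(secret, message || TSIG variables)."""
    data = message + tsig_variables(key_name, time_signed, fudge)
    return hmac.new(secret, data, hashlib.sha256).digest()

def tsig_verify(secret: bytes, message: bytes, key_name: str, time_signed: int,
                fudge: int, mac: bytes, now: int) -> str:
    """Return the TSIG result a server would answer with: NOERROR, BADSIG or BADTIME."""
    expected = tsig_sign(secret, message, key_name, time_signed, fudge)
    if not hmac.compare_digest(expected, mac):
        return "BADSIG"                 # wrong key or message altered in transit
    if abs(now - time_signed) > fudge:
        return "BADTIME"                # signature is genuine but outside the time window
    return "NOERROR"

def demo() -> dict:
    msg = build_update_message()
    signed_at = 1_700_000_000           # constructed "time signed", seconds since the epoch
    mac = tsig_sign(KEY_SECRET, msg, KEY_NAME, signed_at)
    tampered = msg[:-1] + bytes([11])   # attacker rewrites the address to 192.0.2.11
    return {
        "valid":     tsig_verify(KEY_SECRET, msg, KEY_NAME, signed_at, 300, mac, now=signed_at + 5),
        "tampered":  tsig_verify(KEY_SECRET, tampered, KEY_NAME, signed_at, 300, mac, now=signed_at + 5),
        "wrong_key": tsig_verify(b"guess", msg, KEY_NAME, signed_at, 300, mac, now=signed_at + 5),
        "replayed":  tsig_verify(KEY_SECRET, msg, KEY_NAME, signed_at, 300, mac, now=signed_at + 3600),
    }

if __name__ == "__main__":
    print(demo())
```

Two practical points follow from the code: the time window is the only replay defence TSIG itself provides, so a captured update can be replayed until the fudge (300 seconds by default) expires, and the secret is symmetric, so any party that can verify updates can also forge them, which is why each client or secondary gets its own key.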

26. What are the two common types of VLAN-hopping attacks?
a. Switch spoofing and double tagging
b. MAC switching and reverse tagging
c. Route poisoning and DDoS
d. ARP spoofing and reverse VLAN injection
Answer: a. Switch spoofing and double tagging
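Cards 14 and 26 both turn on the same 802.1Q detail: a trunk sends native-VLAN frames untagged for the sake of pre-802.1Q devices, so the first switch strips the attacker's outer tag and the second switch acts on the inner one. The added example below (written for this page, not taken from any switch vendor or tool) builds a double-tagged frame byte by byte and models the two trunk ports with plain Python; the MAC addresses, VLAN numbers and payload are constructed, and the model assumes, as the attack does, that the attacker's access VLAN equals the trunk's native VLAN and that the switch forwards the already-tagged frame.

```python
import struct

TPID_8021Q = 0x8100
ETHERTYPE_IPV4 = 0x0800

def vlan_tag(vid: int, pcp: int = 0, dei: int = 0) -> bytes:
    """One 802.1Q tag: TPID 0x8100 followed by the 16-bit TCI (PCP:3, DEI:1, VID:12)."""
    return struct.pack("!HH", TPID_8021Q, (pcp << 13) | (dei << 12) | (vid & 0x0FFF))

def make_frame(dst: bytes, src: bytes, vids, payload: bytes) -> bytes:
    """Ethernet frame with zero or more stacked 802.1Q tags, outermost first."""
    tags = b"".join(vlan_tag(v) for v in vids)
    return dst + src + tags + struct.pack("!H", ETHERTYPE_IPV4) + payload

def outer_vid(frame: bytes):
    """VID of the outermost tag, or None if the frame carries no 802.1Q tag."""
    tpid, tci = struct.unpack("!HH", frame[12:16])
    return tci & 0x0FFF if tpid == TPID_8021Q else None

def trunk_egress(frame: bytes, native_vid: int, tag_native: bool = False) -> bytes:
    """Model of the first switch's trunk port sending a frame: native-VLAN frames leave
    untagged (the backward-compatibility rule) unless the switch tags the native VLAN too."""
    if outer_vid(frame) == native_vid and not tag_native:
        return frame[:12] + frame[16:]   # drop the outer 4-byte tag; an inner tag is now outermost
    return frame

def trunk_ingress_vlan(frame: bytes, native_vid: int) -> int:
    """VLAN the second switch assigns: the outer tag's VID, or the native VLAN if untagged."""
    vid = outer_vid(frame)
    return native_vid if vid is None else vid

def delivered_vlan(frame: bytes, native_vid: int, tag_native: bool = False) -> int:
    """VLAN the frame ends up in after crossing one trunk between two switches."""
    return trunk_ingress_vlan(trunk_egress(frame, native_vid, tag_native), native_vid)

# Constructed addresses and payload. The attacker sits on an access port in VLAN 1, which
# is also the trunk's native VLAN, and targets a host in VLAN 20.
ATTACKER = bytes.fromhex("020000000001")
VICTIM = bytes.fromhex("020000000020")
DOUBLE_TAGGED = make_frame(VICTIM, ATTACKER, [1, 20], b"constructed IPv4 payload")
PLAIN_FRAME = make_frame(VICTIM, ATTACKER, [], b"constructed IPv4 payload")

def demo() -> dict:
    return {
        # Default configuration: outer tag 1 is stripped, inner tag 20 is honoured downstream.
        "hop_with_default_native": delivered_vlan(DOUBLE_TAGGED, native_vid=1),
        # Mitigation 1: native VLAN moved to an unused VLAN, so tag 1 is never stripped.
        "unused_native_vlan": delivered_vlan(DOUBLE_TAGGED, native_vid=999),
        # Mitigation 2: the switch tags native-VLAN frames as well (Cisco: vlan dot1q tag native).
        "tagged_native_vlan": delivered_vlan(DOUBLE_TAGGED, native_vid=1, tag_native=True),
        # Control: an ordinary untagged frame from VLAN 1 stays in VLAN 1.
        "ordinary_frame": delivered_vlan(PLAIN_FRAME, native_vid=1),
    }

if __name__ == "__main__":
    print(demo())
```

The model shows why the usual hardening works: if the outer tag no longer matches the native VLAN, or native frames are tagged, the second switch sees VID 1 and the frame never reaches VLAN 20. Note that double tagging is one-way, since the victim's replies are not double-tagged on the way back, and that switch spoofing (the other attack in card 26) is prevented separately by disabling trunk negotiation (DTP) on access ports.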

27. To constrain an application into a confined area during execution is a reference to:
a. Application quarantining
b. Tests to detect memory leaks
c. Input validation
d. Sandboxing
Answer: d. Sandboxing

28. A small company has a network with 42 workstations, 2 printers, a 48-port switch, an enterprise-class router, and a firewall at the boundary to the ISP. The workstations have the latest patches and all have up-to-date anti-virus software. User authentication is a two-factor system with fingerprint scanners and passwords. Sensitive data on each workstation is encrypted. The network is configured to use IPv4 and is a standard Ethernet network. The network also has a captive-portal-based wireless hotspot to accommodate visitors.
Which of the following is a problem with the security posture of this company?
a. No effective controls in place
b. No transport security controls are implemented
c. Insufficient user authentication controls are implemented
d. IPv6 is not incorporated in the network
Answer: b. No transport security controls are implemented. Data is protected at rest and endpoints are hardened, but nothing in the description encrypts data in transit across the LAN or the visitor hotspot.