Study your flashcards anywhere!

Download the official Cram app for free >

  • Shuffle
    Toggle On
    Toggle Off
  • Alphabetize
    Toggle On
    Toggle Off
  • Front First
    Toggle On
    Toggle Off
  • Both Sides
    Toggle On
    Toggle Off
  • Read
    Toggle On
    Toggle Off

How to study your flashcards.

Right/Left arrow keys: Navigate between flashcards.right arrow keyleft arrow key

Up/Down arrow keys: Flip the card between the front and back.down keyup key

H key: Show hint (3rd side).h key

A key: Read text to speech.a key


Play button


Play button




Click to flip

100 Cards in this Set

  • Front
  • Back
Lack of appropriate security controls can result in a loss of revenue.
Having extra services/daemons running on your networked server is a good security practice because it makes future server enhancements occur without additional software installation
A DHCP server should acquire a dynamically assigned IP address from a peer DHCP server.
Because of its strong level of encryption, 3DES is one of those technologies that may not be available for export to some countries outside North America.
Wireless networking cannot enable encrypted data transfers from client to server.
A simple search a on 'Browser password crackers' will result in numerous links that can provide downloadable utilities, which can crack a browser password.
The local folder in which your Temporary Internet files are stored cannot be changed.
Cookie theft requires access to the client's local machine.
A cookie is a piece of compiled code, similar to an applet that is downloaded to the client's machine.
Once a digital certificate is downloaded to a workstation, it will never expire unless the user cancels it.
Revoked certificates will continue to function properly, unless they are published on the CRL.
Publishing a CRL will prevent accidental or unauthorized use of certificates that are no longer valid.
If Your private key is corrupted,you can regenerate the same private key.
A corporate security policy will not address the physical security of an organization, just the technical components.
If no one follows the policy, no amount of high-tech software or hardware in the world will protect your network.
All companies must comply with the same legal and regulatory requirements.
Security is everyone's responsibility and is more commonly breached at the end-user level than anywhere else in the organization.
With appropriate processes and procedures in place, it is considered sound practice for the information security team to attempt common hacking techniques against their own E commerce Web site.
Many companies use a combination of network-based,host-based, and application-based monitoring IDSs.
Network-based IDSs cannot examine packets for known virus signatures.
What is a person who tests systems for the purpose of reporting vulnerabilities before they spread called?
White hat
What is another name for white hat testers?
Ethical hackers
What are the primary targets of a network-based attack?
Network perimeter vulnerabilities
An attacker is attempting to break into your computer network. He captures the intercepted data and transmits it back to your server at a later time. What type of attack was used?
Replay attack
Which of the following attacks commonly uses a sniffer to collect data?
Replay attack
what type of exploit uses an executable program to deliver destructive code to disable an operating system or application?
Malicious code
When a System Adiministrator uses her access level to secure systems to steal confidential data, what type of software-based attack is she using?
Misuse of privilege
Which of the following well-known programs is used for software-based takeover attacks?
Back Orifice
What is the ANSI standard for LDAP?
Which of the following defines a directory and its objects and containers as extensible, meaning it can be extended or modified to support the specific needs of an organization?
When working with Windows 2000 Advanced Server and NetWare 6, which two are commonly used GUI utilities for managing LDAP objects?
Active Directory Users and Computers
Lightweight Directory Access Protocol is a component of which protocol grouping?
DHCP servers automatically assign IP addresses to workstations. What must be configured on the DHCP server to assign the IP numbers?
You are the SA for WorldWide Bank. The Mailroom group and the Executives group share a print device. The Executive group requires their print jobs to print before the Mailroom group print jobs. How should you manage this requirement?
Assign Priority 99 to Executive group and Priority 1 to Mailroom group.
To install a new printer on a Windows 2000 Professional workstation, you must do what?
Choose Start,Settings,Printers
As the SA responsible for File and Print servers at WorldWide Bank, you decide to protect data as it is transmitted between clients and servers. You choose to have the client digitally sign the SMB protocol. This will require the use of public and private keys. In order for the client to sign the data, which key must he use, and which key must the server use?
Client private and client public
As the SA responsible for hardening the Windows 2000 Advanced file servers,you decide to use Permissions to lock down access to a folder. You apply the following Share and NTFS corporate network, what will the resulting permissions be?
You are responsible for supporting three offices at WorldWide Bank. In order to monitor your network devices, you decide to use SNMP agents to trap error messages and send them to your remote site. What security threats should you be aware of?
SNMP sends data in cleartext.
What should you use as a protective measure that will help secure your use of SNMP?
IP routers are used for directing IP requests. IP routers residing on your network border should be configured to block incoming IP addresses that have what?
Have been assigned to your internal network.
Which internetwork device should be used to hide your internal IP addresses?
On Windows 2000 servers,you can protect against cache poisoning by enabling the Secure Cache Against Pollution setting. To do so,you must add the following registry value:Value Name:SecureRespones Data Type:RegWord Value:1. What registry setting must be edited to activate this new value?
The URLScan ISAPI filter from Microsoft can be used to filter characters and file extensions entered into the URL stream. Which of the following can URLScan block?
To enable auditing on your Windows 2000 Web server,you need to make a configuration change to the default Web site. What utility is used to make this change?
Internet Services Manager
Of the following statements regarding HTTPS,which is most true of the data sent from a browser to an HTTPS server?
The entire message is encrypted.
As a consultant responsible for evaluating and locking down your clients' IIS Web server,you must come up with several tasks to improve the Web storefront's security. Your primary goal is to improve the overall security of the server. Your second goal is to limit URL-based attacks. Your third goal is to patch the vulnerabilities in the server. Action taken: You run the IIS Lockdown Toolkit,the IIS Security Rollup package,and you verify that URLScan ISAPI filter is enabled and properly configured. Which of your goals were accomplished?
All of your goals were accomplished.
When designing a secure architecture,the Information Security professional must consider the balance between cost and security. With this in mind,your customer has asked you to recommend an architectural design that facilitates FTP in a secure manner. Which would be the best recommendation?
Install the FTP server on a dedicated machine,and on an isolated segment.
Why is SFTP more secure than FTP?
Data passes over an SSH encrypted connection.
What tools/utilities does Microsoft provide that will assist in securing your FTP server?
IIS Lockdown toolkit
What is another command,other than FTP,that can be used for securely transferring files over an SSH connection?
What type of a security attack is an e-mail hoax?
Social engineering
An attacker can overload an email server by flooding a network with emails. What would the email server be receiving in this case?
What does email spoofing entail?
Impersonating the email sender.
IPSec policies are composed of rules. Which component of the rules describes the specific protocol,port,and source computer to which the rule should apply?
IP filter
Which of the following algorithms are hashes used by IPSec?
MD5 and SHA
DES processes data for encryption in what size blocks?
What must be established between two computers using IPSec in order to establish a connection and transfer data?
Security association
Windows XP Professional includes a new snap-in that you can add to a custom mmc console called what?
IP Security monitor
Which algorithm is used with the Internet Key Exchange protocol to generate a master key?
Since your handheld PDA has the ability to surf the Internet but limited screen real estate,a new Internet Web page language was developed to specifically work on handheld devices. What is the new language?
What is the maximum open-area range between computing devices using the 802.11b wireless network protocol?
1000 feet
A user calls you for support about their PDA. The claim that they are missing files on their PDA,and some other files appear to be corrupted because they can open some files but not all of them. What is a likely cause of the problem?
The PDA is infected with a virus
As a parent of a 13-year-old son who is begining to use the World Wide Web for school research and for entertainment,you want to restrict inappropriate site access. What feature in Internet Explorer must be changed to prevent viewing of Web sites that contain violent content?
Content Advisor
Browsers save a record of your Internet activity. Some of this activity data can present a security threat. Which elements should the Information Security professional be aware of?
History files
Temporary Internet files
There is an established group of general tenets that outline the foundation of good Information Security practices. Which tenet(s) does a digital certificate fulfill?
In a large corporation with multiple CAs,a trust model of CAs is formed. What is this trust model commonly referred to as?
CA Hierarchy
What type of CA is created by a company for use primarily within the company itself?
Private root
What type of CA is created by a third-party vendor(such as Verisign)after they consult with a company and determine the company's particular CA needs and requirements?
Public root
After establishing your Root CA and subordinate CAs,how should the Root CA best be secured?
Take the Root CA offline
What process is used to define the information and parameters contained in the digital certificates?
Certificate Policy
Sean downloaded a digital certificate to his office PC. He needs to work at home this weekend,and will need to use his existing certificate. How can he get it from his office PC to his home PC?
Export it
When determining the life cycle length of your digital certificates,which two factors should affect your decision?
Length of the CA's private key.
Strength of crypto being used.
Which backup operation would you choose to have the shortest daily backup time?
What backup tool option is available on Windows 2000 Advanced Server that does not back up your files or programs,but does back up critical NOS files to help restart Windows if it is damaged?
Emergency Repair Disk
Issuing certificates to a large employee base requires a great deal of administrative overhead. You could outsource this function to the controlling third-party CA TO reduce your workload. What drawback does this present?
Cost prohibitive
What does certificate renewal allow?
The original certificate to be used longer.
What should the CA do if a certificate owner's private key has been compromised?
Revoke the certificate
You have issued a certificate to a contractor that works on your location. The contractor will be off the job for 30 days. What should you do to temporarily disable the contractor's certificate?
Suspend certificate
After revoking a certificate,what should be done with the certificate file?
Destroy the certificate
What should you do after recovering your lost private key?
Decrypt existing data and generate new key pair.
What is the most important phase of implementing a security infrastructure?
Monitoring and maintenance
What outlines the plan for the individual security component?
Policy statement
There are a number of Information Security organizations that you should become familiar with in order to keep current and aligned with the industry. Which of the following associations is a leading contributor to the InfoSec industry?
Which of the following is a "Site Security Handbook" from the IETF that contains guidelines for developing computer security policies and procedures for organizations that allow Internet access to their resources?
Which of the following is a standard for Information Security developed by the ISO which is currently under development?
A good security policy is necessary for every company. The policy is determined by whose needs?
The organization's
Which of the following is a legal area of concern for an organization?
Business partners
The HIPAA of 1996 is important federal legislation that affects security professionals. Which of the following aspects of an individual's privacy does this act protect?
Health records
Due to their mobility and easy theft,your company should have a policy addressing which of the following devices?
Laptop computers and PDAs
Which of the following is an example of a physical control?
Locked door
You have acquired the skills you need to keep your security infrastructure healthy. But whose responsibility is Security?
All individuals
Your users represent the front lines of defense against which of the following types of hacking?
Social engineering
Security documentation takes various forms. Which of the following do security professionals commonly use?
Systems Architecture
The most appropriate course of action against Scanning is what?
Hardening devices
The most appropriate course of action against Enumerating is what?
Hardening services and resources
Intrusion Detection Systems are categorized primarily by their monitoring method. The two most common implementations of an IDS are what?
Network-based IDS and Host-based IDS
You have secured all of the components that make up your ECommerce site. The last task that you want to complete is to install host-based IDS on the Web server. What will be monitored by the host-based IDS?
Just the Web server.
Which of the following honeypot solutions is the most complex to deploy?
There are a number of different and appropriate responses to security incidents. Which response might be most appropriate upon detecting an attack that is not causing immediate damage,but has the potential to be esclated in the future?
Gather evidence
You wish to avoid having your system resources used by hackers to amplify broadcasts. What configuration change should you make to prevent this from happening?
Disable directed broadcast on your routers.