Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
100 Cards in this Set
- Front
- Back
|
Which wireless modulation technique combines digital and analog signaling to encode data into radio signals? |
QAM |
|
|
A collection of BSSs connected by one or more DSs is referred to as an ____ service set (ESS). |
extended |
|
|
Which wireless modulation technique addresses the transmission of the data stream that has been properly encoded onto the radio signal? |
Spread-spectrum transmission |
|
|
In the mesh wireless topology, there may be no dominant ____. |
WAP |
|
|
QPSK uses four signal states that are ____ degrees out of phase to carry four signal values. |
90 |
|
|
The primary advantage of the ____ wireless topology configuration is the flexibility of the network. |
mesh |
|
|
The primary drawback associated with ad hoc networks is that they are inherently ____. |
unreliable |
|
|
Ad hoc wireless models rely on the existence of ____ to provide connectivity. |
multiple stations |
|
|
Which connectivity model uses a single access point that provides connectivity for a number of clients within a BSS? |
Point-to-multipoint |
|
|
What is the branding name for interoperable equipment that is capable of supporting IEEE 802.11i requirements? |
WPA2 |
|
|
Which technology works by taking the original data stream and breaking it up into small bits, then transmitting each of those on a different frequency channel simultaneously? |
Direct-Sequence Spread Spectrum (DSSS) |
|
|
The primary advantage of the ____ wireless topology configuration is the increased number of connections among stations, which allows greater connectivity. |
hierarchal |
|
|
802.11n has a maximum data rate of ____. |
600Mbps |
|
|
The ____ of the wireless network is the area the radio signal reaches. |
footprint |
|
|
Bluetooth networks are referred to as ____. |
piconets |
|
|
What is the largest area of concern with regard to security in ZigBee? |
Accidental key reuse |
|
|
The improved Bluetooth 2.0 increased the data rate to around ____ Mbps. |
three |
|
|
Which group was created to certify the interoperability of 802.11b products? |
Wi-Fi Alliance |
|
|
The use of ____ is required to achieve RSN compliance. |
CCMP |
|
|
Which notable Bluetooth attack allows a nearby attacker to issue commands to an unsuspecting target phone? |
BlueBug |
|
|
What is the best way to secure FTP or TFTP? |
Employ encryption and authentication |
|
|
____ are collections of IP addresses of known spam sources on the Internet, and they can be easily integrated into most SMTP server configurations. |
Real-time blacklistings (RBLs) |
|
|
One of the biggest strengths of Perl is its ____-manipulation abilities. |
text |
|
|
What is the best way to direct visitors to a new location or page? |
Create a .htaccess file with the following entry: Redirect 301 /old/old.html /new/new.html. |
|
|
____ refers to a new use of existing technologies. |
AJAX |
|
|
Which HTTP request method retrieves meta-information only from the resource signified in the URI? |
HEAD |
|
|
____ is the basis for Web communication. |
HTTP |
|
|
What is the best way to restrict URL access? |
Make sure sensitive pages require authentication |
|
|
What is the best way to make sure data is properly encrypted while in transit? |
Use the "secure" flag on all sensitive cookies |
|
|
A major problem with FTP is that data is transferred in ____. |
plaintext |
|
|
____ is a key component of the Web, working in conjunction with HTTP to move content from servers to clients. |
HTML |
|
|
An SMTP ____ is a simple message providing status information about the monitored device. |
trap |
|
|
____ is a simple method of transferring files between computer systems. |
FTP |
|
|
In 2010, OWASP determined that ____ attacks were the top risk to Web applications. |
injection |
|
|
To provide monitoring, an SNMP ____ must be installed on a desired host or network device. |
agent |
|
|
A(n) ____ is designed to translate information sent from a particular agent or class of agents. |
MIB |
|
|
What is the best way to secure Telnet? |
Do not use Telnet at all |
|
|
Which HTTP response code indicates that an error has occurred on the client side? |
401 |
|
|
DNS ____ provide a mechanism to divide ownership responsibility among various DNS servers and the organizations they serve. |
zones |
|
|
With ____ mode, a trusted internal FTP client makes an outgoing request to the FTP server. |
passive |
|
|
A(n) ____ uses all the techniques and tools available to an attacker in an attempt to compromise or penetrate an organization’s defenses. |
penetration test |
|
|
Requirements for a complex password system include using a ____ value, implementing strong encryption, requiring periodic password changes, and generally implementing a system where guessing a password or its hash is very difficult. |
salt |
|
|
A(n) ____ vulnerability scanner listens in on the network and identifies vulnerable versions of both server and client software. |
passive |
|
|
____ is a vulnerability scoring system designed to provide an open and standardized method for rating IT vulnerabilities. |
CVSS |
|
|
A ____ (sometimes called a network protocol analyzer) is a network tool that collects copies of packets from the network and analyzes them or stores the packets for later analysis. |
packet sniffer |
|
|
The ____ command, available on most popular Web browsers, allows users to see the source code behind the page. |
View Source |
|
|
Which vulnerability can occur if a programmer does not properly validate user input and allows an attacker to include unintended SQL input that can be passed to a database? |
Command injection |
|
|
Probably the most popular port scanner is ____, which runs on both UNIX and Windows systems. |
nmap |
|
|
The CVSS ____ Score is set by the organization using the software. |
Environmental |
|
|
Because it accepts firewall and intrusion logs from many sources, ____ is often one of the first organizations to spot network anomalies, and it often traces them to specific malware or vulnerability exploits. |
the ISC |
|
|
SPIKE can fuzz any protocol that utilizes ____. |
TCP/IP |
|
|
The most realistic type of penetration test is a ____ box test. |
black |
|
|
The ____ stage of the attack methodology is a systematic survey of the target organization’s Internet addresses, conducted to identify the network services offered by the hosts in that range. |
fingerprinting |
|
|
The ____ mailing list is a widely known, major source of public vulnerability announcements. |
Bugtraq |
|
|
If Web software can access parts of the underlying operating system’s file system through normal URL mappings, a(n) ____ may occur. |
directory traversal attack |
|
|
The printf (user_input); command in C has the potential to cause a(n) ____ vulnerability. |
format string problem |
|
|
One of the preparatory parts of the attack methodology is the collection of publicly available information about a potential target, a process known as ____. |
reconnaissance |
|
|
802.11 wireless networks exist as ____ on nearly all large networks. |
subnets |
|
|
Protocol analyzers are commonly referred to as ____. |
sniffers |
|
|
Implementing applications that verify the true communication destination during execution help prevent vulnerabilities associated with ____. |
trusting network name resolution |
|
|
From a network security perspective, the ____ logs are the most valuable to a systems and network administrator in identifying and resolving issues. |
admin and operational |
|
|
The purpose of ____ is to manage the effects of changes or differences in configurations on an information system or network. |
configuration and change management (CCM) |
|
|
A spreadsheet program might record an error for access to a file in the ____ log. |
application |
|
|
As part of the initiation and planning audit phase, it is customary for a(n) ____ to be developed, which serves as a service agreement between the auditing team and the requesting entity. |
engagement letter |
|
|
In Microsoft Windows-based systems, you can use the ____ to manage event logs from the command line. |
Wevutil utility |
|
|
A(n) ____ is a task being performed by a computing system. |
process |
|
|
On most current versions of Microsoft Windows-based systems, logging is managed by the ____, which is accessible from the system control panel. |
Event Viewer |
|
|
The primary purpose of ____ is to enable organizations to obtain certification; thus, it serves more as an assessment tool than an implementation framework. |
ISO/IEC 27001 |
|
|
In the Windows OS, services are usually initiated (loaded or started) at boot-up as ____, which consist of software code, data and/or other resources necessary to provide the service. |
dynamic-link libraries (DLLs) |
|
|
The primary focus of ____ is to determine if the standards and/or regulations the organization claims to comply with are, in fact, complied with. |
an audit |
|
|
A(n) ____ is any clearly identified attack on the organization’s information assets that would threaten the assets’ confidentiality, integrity, or availability. |
incident |
|
|
The actions an organization should take while an incident is in progress are defined in a document referred to as the ____ plan. |
incident response (IR) |
|
|
The bulk transfer of data in batches to an off-site facility is called ____. |
electronic vaulting |
|
|
The ____ review entails a detailed examination of the events that occurred from first detection to final recovery. |
after-action |
|
|
In some organizations, which two plans are considered to be one plan, known as the Business Resumption Plan? |
DR plan and BC plan |
|
|
According to D. L. Pipkin, ____ is a definite indicator of an actual incident. |
use of dormant accounts |
|
|
A(n) ____ is a detailed description of the activities that occur during an attack, including the preliminary indications of the attack as well as the actions taken and the outcome. |
attack profile |
|
|
Incident ____ is the process of evaluating organizational events, determining which events are possible incidents, also called incident candidates, and then determining whether or not the incident candidate is an actual incident or a nonevent, also called a false positive incident candidate. |
classification |
|
|
The ____, which is also known as the Security Incident Response Team (SIRT), is the group of individuals who would be expected to respond to a detected incident. |
Computer Security Incident Response Team (CSIRT) |
|
|
A(n) ____ backup is the storage of all files that have changed or have been added since the last full backup. |
differential |
|
|
Which audience is interested in analysis report issues in terms of compliance with organizational policies? |
Auditors |
|
|
A disadvantage of hardware imaging platforms is that they are ____. |
costly |
|
|
Information collected in such a way that the information will be usable in a criminal or civil proceeding is known as ____. |
evidence |
|
|
One of the more perplexing problems in collecting digital data concerns so-called volatile information, such as the contents of a ____. |
computer's memory |
|
|
Who is responsible for maintaining control of the field evidence log and locker? |
Scribe |
|
|
The ____ handles computer crimes that are categorized as felonies. |
FBI |
|
|
Media that is used to collect digital evidence must be forensically ____. |
sterile |
|
|
Countering efforts by foreign countries to steal our nation’s secrets, evaluating the capabilities of terrorists in a digital age, and ____ are the FBI’s highest priorities. |
fighting cyber crime |
|
|
There are various ways to prepare sterile media, but a common method is to write ____ to every block on the device to erase any previous contents and then, if needed, format the device with a file system. |
zeroes |
|
|
Which form documents the team’s activities during evidence collection? |
Field activity Log Form |
|
|
In large organizations, ____ know operating systems and networks as well as how to interpret the information gleaned by the examiners. |
forensic analysts |
|
|
Which audience is typically interested in the analysis report recommendations as to whether or not the allegations were correct? |
upper management |
|
|
Forensic investigators use ____ (also known as sector-by-sector) copying when making a forensic image of a device. |
bit-stream |
|
|
In large organizations, ____ are skilled in the operations of particular tools used to gather the analysis information. |
forensic examiners |
|
|
A(n) ____ is used to sniff network traffic. |
Ethernet tap |
|
|
Which material presents a gray area of ownership? |
Employee-purchased briefcases used to transfer work |
|
|
An organization’s ____ policy must spell out the procedures for initiating the investigative process, including management approvals. |
incident response (IR) |
|
|
When prioritizing collected evidence, which term refers to the likelihood that the information will be useful? |
Value |
|
|
The ____ handles certain cases involving credit card fraud and identity theft. |
U.S. Secret Service |
|
|
Who is responsible for collecting copies or images of digital evidence? |
Imager |
