Reading...
Play button
Play button
Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
20 Cards in this Set
- Front
- Back
- 3rd side (hint)
|
1 CH11
In which type of testing do you begin with the premise that the attacker has no knowledge of the network? |
1
A) Black box B) White box C) Gray box D) Green box |
1 A
With black box testing, you begin with the premise that the attacker has no knowledge of the network. |
|
|
2 CH11
Which IEEE standard is often referred to as EAP over LAN? |
2
A) 802.1E B) 802.1Z C) 802.1Y D) 802.1X |
2 D
The IEEE standard 802.1X is often referred to as EAP over LAN. It defines port-based security for wireless network access control. |
|
|
3 CH11
Which log visible in Event Viewer shows successful and unsuccessful login attempts in Windows 7? |
3
A) System B) Security C) Audit D) Application |
3 B
The Security log in Windows 7 (as well as in all versions of Windows) shows successful and unsuccessful login attempts and can be viewed with Event Viewer. |
|
|
4 CH11
During what process do you look at all custom written applications for holes that may exist (in the form of the finished application, configuration files, libraries, and so on)? |
4
A) Network bridging B) Design review C) Code review D) Remediation |
4 C
During a code review, you look at all custom written applications for holes that may exist (in the form of the finished application, configuration files, libraries, and the like). |
|
|
5 CH11
What are the two states that an application can fail in? |
5
A) Dependable B) Failsafe C) Failopen D) Assured |
5 B/C
There are two states that an application can fail in. In a failsafe mode, the crash leaves the system secure. In a failopen state, the crash leaves the system exposed (not secure). |
|
|
6 CH11
You want to implement MAC filtering on a small network but do not know the MAC address of a Linux-based workstation. Which command-line tool can you run on the workstation to find the MAC address? |
6
A) ifconfig B) ifconfig /show C) ipconfig D) ipconfig /all |
6 A
The command ifconfig will show the MAC address on the Linux or Unix-based workstation. |
|
|
7 CH11
Which of the following is a protection feature built into many firewalls that allow the administrator to tweak the tolerance for unanswered login attacks? |
7
A) MAC filter B) Flood guard C) MAC limiter D) Security posture |
7 B
A flood guard is a protection feature built into many firewalls that allow the administrator to tweak the tolerance for unanswered login attacks. By reducing this tolerance, it is possible to reduce the likelihood of a successful DoS attack. |
|
|
8 CH11
The goal of _____ is to minimize the possibility of exploitation by reducing the amount of code and limiting potential damage. |
8
A) EAPOL B) EAP C) ASR D) 802.1X |
8 C
The goal of attack surface reduction (ASR) is to minimize the possibility of exploitation by reducing the amount of code and limiting potential damage. |
|
|
9 CH11
Which Windows workstation feature is accused of—sometimes inadvertently—making network bridging possible and introducing security concerns? |
9
A) Internet Connection Sharing B) Windows Firewall C) Network Address Translation D) Dynamic Naming Service |
9 A
ICS—Internet Connection Sharing—is accused of (sometimes inadvertently) making network bridging possible and introducing security concerns. |
|
|
10 CH11
Which of the following is a software application that checks your network for any known security holes? |
10
A) Logic bomb B) Log analyzer C) Vulnerability scanner D) Design reviewer |
10 C
A vulnerability scanner is a software application that checks your network for any known security holes. |
|
|
11 CH
In which type of testing do you begin with the premise that the attacker has inside knowledge of the network? |
11
A) Black box B) White box C) Gray box D) Green box |
11 B
With white box testing, you begin with the premise that the attacker has inside knowledge of the network. |
|
|
12 CH11
Rule-based management defines conditions for access to objects and is also known as: |
12
A) Distributed management B) Management by objective C) Role-based management D) Label-based management |
12 D
Rule-based management, also known as label-based management, defines conditions for access to objects. |
|
|
13 CH11
Nessus is a tool that performs which security function? |
13
A) Vulnerability scanning B) Penetration testing C) Ethical hacking D) Loop protection |
13 A
Nessus is one of the better-known vulnerability scanners. |
|
|
14 CH11
The approach a business takes to security is known as its: |
14
A) Rule-based management B) Network bridging C) Security posture D) Assessment technique |
14 C
The security posture is the approach a business takes to security. |
|
|
15 CH11
Which of the following is the area of an application that is available to users—those who are authenticated and more importantly those who are not? |
15
A) Exposed liability B) Attack surface C) Security weakness D) Susceptible claim |
15 B
The attack surface of an application is the area of an application that is available to users—those who are authenticated and more importantly those who are not. |
|
|
16 CH11
You want to implement MAC filtering on a small network but do not know the MAC address of a Windows-based workstation. Which command-line tool can you run on the workstation to find the MAC address? |
16
A) ifconfig B) ifconfig /show C) ipconfig D) ipconfig /all |
16 D
The command ipconfig /all will show the MAC address as the physical address. |
|
|
17 CH11
Your manager has purchased a program intended to be used to find problems during code review. The program will read the code and look for any possible bugs or holes. What type of assessment is this known as? |
17
A) Mechanized B) Automated C) Programmed D) Manual |
17 B
Simply reading the code is known as manual assessment, while using tools to scan the code is known as automated assessment. |
|
|
18 CH11
What checks to make sure that things are operating status quo and that change detection is used to alert when modifications are made? |
18
A) Baseline reporting B) Code review C) Attack surfacing D) Risk analysis |
18 A
Baseline reporting checks to make sure that things are operating status quo and that change detection is used to alert when modifications are made. |
|
|
19 CH11
In which type of testing do you begin with the premise that an outsider attacker is being fed some knowledge from someone inside the network? |
19
A) Black box B) White box C) Gray box D) Green box |
19 C
With gray box testing, you begin with the premise that an outsider attacker is being fed some knowledge from someone inside the network. |
|
|
20 CH11
Which of the following involves trying to get access to your system from an attacker’s perspective? |
20
A) Loop recon B) Flood gating C) Vulnerability scanning D) Penetration testing |
20 D
Penetration testing involves trying to get access to your system from an attacker’s perspective. |
