56 Cards in this Set

  • Front
  • Back

Your friend has configured a wireless network in his house and configured wireless encryption to secure the network. A few days later, his neighbor told him he was able to access the wireless network. Which encryption type did your friend most likely configure?


WEP


Wired Equivalent Privacy


Which type of secure network administration principle is defined if object access auditing is enabled?


Log analysis


Access control list


Rule-based management


Loop protection

Log analysis

As a network technician within your company, one of your main tasks is to gather and analyze system and network security reports. Using these reports, you are required to collaborate with your IT team to identify system and network issues and their root cause. You must also identify areas of weakness within your network that may require additional resources to avoid future issues.


Which action can best be used to meet requirements?


Review system and network security reports for trends.


Review audit logs for trends.


Review system and network security reports for alerts.


Review system and network security reports for alarms.

Review system and network security reports for trends.


Which of the following are examples of risk mitigation strategies?


Recording time offset


Taking hashes


Permissions review


Perform a business impact analysis


Routine audits


Permissions review


Routine audits


1. Searching recycle bins


2. Accessing a secure location by following someone


3. Watching someone enter their sensitive data


4. Sending an email that appears to be from a reputable source and asking for account information


5. Targeting upper management


6. Calling someone and asking them to update bank information


1. Dumpster Diving


2. Tailgating


3. Shoulder surfing


4. Phishing


5. Whaling


6. Vishing


Which of the following is part of the formula used to calculate risk when performing qualitative risk analysis?


Value


Probability


Exposure Factor


Occurrence

Probability


Which authentication factor can use an authentication method based on information extracted from a packet header?


Something you have


Something you do


Somewhere you are


Something you are

Something you are


1. Used to limit resources an application can access; keychain


2. Used to prevent specified software from running; blacklist


3. Commonly used by endpoint security products; sandbox


4. Used to provide secure storage for login information; whitelists


5. Used to provide location-specific information; geo-tagging

1. Sandbox


2. Blacklist


3. Whitelist


4. Keychain


5. Geo-tagging

Match each event to its system log type.


1. Events received from another remote computer


2. Information about a successful operation of a driver.


3. Successful and unsuccessful logon attempts.


4. Information logged by Windows system services.


Forwarded Events log


Security Log


System Log


Application Log


1. Forwarded Events log


2. Application Log


3. Security Log


4. System log


What is the minimum EAL certification recommended for commercial systems?


EAL 2


EAL 3


EAL 5


EAL 4

EAL 4


Which of the following should be referenced before creating a BYOD policy?


Acceptable Use Policy


SLA Policy


Change Management Document


Site Survey

Acceptable Use Policy


You are working on segmenting a small network to adhere to the VLAN management secure network administration principle. You would like to create four VLANs, one for each company department. If all departments need to communicate with one another, which devices would you use?


One router


One hub


Four layer 2 switches


One layer 2 switch


One router


One layer 2 switch


Your organization is required to make all decryption keys available, in the event that they are requested by law enforcement. Which of the following would best allow you to accomplish this?


Digital signatures


KDC


KRA


Key escrow

Key escrow


Which phase of the incident response process provides the greatest impact for future security incidents?


Recovery


Identification


Preparation


Reporting

Reporting


Which statement BEST describes TPM?


A physical device used to safeguard and manage digital keys.


A Windows feature that allows for control of the applications that users are allowed to access.


A set of rules that apply to port numbers or IP addresses.


A hardware chip used to store crypto

A hardware chip used to store crypto


When building a SAN, what are reasons for the selection of iSCSI over Fibre Channel?


Lower implementation cost


Less resource intensive


Lower learning curve


Higher performance


Lower implementation cost


Lower learning curve


Your company uses a PKI. As a member of your local IT team, you have been tasked with implementing a method of storing keys that can be used by law enforcement to decrypt encrypted documents. What should you do to meet this requirement?


Configure a key escrow


Configure all CAs to use a CRL


Implement a PKI hierarchical trust model


Assign a recovery agent

Configure a key escrow


What is used on switches for loop prevention?


Half duplex mode


STP


VLAN


VTP

STP


Which block cipher would be considered the MOST secure?


IDEA


3DES


AES


DES


AES


Advanced Encryption Standard


When running software, which rings in the CPU privilege architecture correspond to device drivers?


0


1


3


2


1


2


You require an asymmetric encryption type that can be used for encryption and digital signatures. Which encryption type should you select?


RSA


CAST


Diffie-Hellman


ECC


RSA


You are reviewing the routing table on a device as part of a security audit. Which IPv6 address would be in the table if a default route has been configured?


::1/128


::/0


::/128


201::DBA1:0:0:1


::/0


A default route is a singular route that forwards all traffic to the exit interface. This technique is used to conserve room in a routing table. The address ::/0 is the default unicast route address.


Sequence system components from the most volatile to least.


Archival Media


Hard drive


Temporary file systems


CPU cache


Physical configuration


Memory


CPU Cache


Memory


Temporary File Systems


Hard Drive


Physical Configuration


Archival Media


Match each security design goal with the statement that best describes its key objective.


1. Ensures that the data that users are working on is accurate


2. Ensures that data and security controls are all functioning whenever access is required to the information system.


3. Dictates who is responsible for a particular item.


4. Ensures that information is not disclosed to unauthorized parties.


Accountability


Integrity


Confidentiality


Availability


1. Integrity


2. Availability


3. Accountability


4. Confidentiality


You need to identify vulnerability issues. The vulnerability scanning tool that you will be using allows you to authenticate. Which type of scanning is being described?


Intrusive


Credentialed


Non-credentialed


Non-intrusive


Credentialed


You have just hired a new employee to take care of server backups. You have given the employee backup operator permissions to allow him to perform the tasks he is required to do for his position. Which principle of security did you apply?


Rotation of duties


Separation of duties


Least privilege


Due care


Least privilege


Process of only providing enough permission for the user to perform duties.


Which common vulnerability assessment tool is used to identify the services that are running on a system, open network ports, and unpatched operating systems?


Network mapper


Protocol analyzer


Port scanner


Vulnerability scanner


Vulnerability scanner


Which of the following attacks target wireless networks encrypted with WEP?


Packet sniffing


Evil twin


IV attack


War chalking


IV attack


Initialization vector attacks target wireless networks encrypted with WEP. WEP uses a 24-bit IV, and the IV changes with each transmission. Since the IV is only 24 bits, it can be cracked easily. Once the IV is cracked, the attacker can gain access to the network.

Vulnerability scans are conducted on a regular basis in an attempt to detect vulnerabilities. A vulnerability assessment reports that a vulnerability exists; however, it turns out to be a normal, non-malicious event. What is this known as?


Mitigation


False positive


False negative


Exposure factor

False positive

You have been hired as a security consultant for a small company. Management is concerned about the security of their company web server due to some recent DoS attacks. They have asked you to provide them with specific procedures to follow to get the web server back online as quickly as possible if another attack occurs. Which of the following would assist in this task?

Create incident management document

Which type of attack refers to inserting malicious code into a web browser in an attempt to get a user to unknowingly execute the code when accessing the web page?


LDAP injection


Cross-site scripting


SQL injection


XML injection

Cross-site scripting


Which of the following are the two main types of SSL VPNs?


Point to point


Transport


Portal


Tunnel


Tunnel


Portal


What can be implemented so organizations do not have to run a separate network for their LAN and one for SAN?


VLAN


FCoE


SATA


FC


FCoE


Fibre Channel over Ethernet is a technology that allows FC information and normal LAN traffic to be run on the same network. This saves cost and time, as additional hardware and configuration are not required. The FCoE traffic is encapsulated as Ethernet frames to traverse the networks.


Your company has opened a new branch office location that will require personnel to handle sensitive corporate information. You have been tasked with implementing a deterrent technique for the branch office to securely document and store all actions taken by any personnel at any time. Costs should be kept to a minimum.


Which deterrent technique should you implement to meet requirements?


Install a motion activated camera


Hire ten full time security guards


Deploy a CCTV environment


Hire security guard

Deploy CCTV environment


You need to use a method called key stretching that will make a weak key more secure. Which algorithms can be used for key stretching?


RSA


Bcrypt


ECC


PBKDF2


Bcrypt


PBKDF2


While testing one of your organization's applications, you have discovered that a developer has left a backdoor method to gain root access to the application. As a result, which of the following attacks is most likely to occur?


TCP/IP hijacking


Privilege escalation


DDoS


Spear phishing

Privilege escalation


Which of the following uses a token device consisting of an internal clock to help determine when to generate a user password?


TOTP


HOTP


CHAP


PAP

TOTP


You have implemented the use of request verification tokens associated with user sessions for a web server. Which type of attack will this help prevent?


IP spoofing


Zero-day


XSRF


Privilege escalation

XSRF


Which of the following is a form of smart card used by the U.S. federal government?


PIV


SSO


Access Card


SSL

PIV


Which key is used by asymmetric algorithms to decrypt messages?


Secret key


Private key


Session key


Public key

Private key


Process of making certain that an entity is as secure as can be is known as:


Stabilizing


Reinforcing


Hardening


Toughening

Hardening


Pete, a security auditor, has detected clear text passwords between the RADIUS server and the authenticator. Which of the following is configured in the RADIUS server and what technologies should the authentication protocol be changed to?


PAP, MSCHAPv2


CHAP, PAP


MSCHAPv2, NTLMv2


NTLM, NTLMv2

PAP, MSCHAPv2


An IT director is looking to reduce the footprint of their company's server environment. They have decided to move several internally developed software applications to an alternate environment, supported by an external company. Which of the following BEST describes this arrangement?


Infrastructure as a service


Storage as a service


Platform as a service


Software as a service

Infrastructure as a service


Which of the following network devices is used to analyze traffic between various network interfaces?


Proxies


Firewalls


Content inspection


Sniffers

Sniffers

Layer 7 devices used to prevent specific types of HTML tags are called:


a. firewalls


b. content filters


c. routers


d. NIDS

content filters


You need to install a fence around your company building as the area must be secured. Which of the following would be the best solution?


an 8ft (2.4 meter) fence with barbwire strands at a 45 degree outward facing angle.


a 12ft (3.7 meter) fence


a 10ft (3 meter) fence with barbwire strands at a 45 degree inward facing angle


a 9ft (2.7 meter) fence with barbwire strands facing up

An 8ft (2.4 meter) fence with barbwire strands at a 45 degree outward facing angle.


Which of the following is used by a user within PKI to request a certificate from a CA?


OCSP


ACL


CPS


CSR


CSR


(Certificate Signing Request)


POP3 139


HTTP 110


NetBIOS 80


IMAP 143


NetBIOS ----- 139


POP3 ------ 110


HTTP ------ 80


IMAP ------ 143


What is used to verify security posture of an organization?


Logs and inventories


Two-tier model


Metrics


Bell-LaPadula model

Metrics


Which of the following relies on out of band key exchanges to transport keys?


Digital signatures


Symmetric algorithms


Asymmetric algorithms


Hashing algorithms

Symmetric algorithms

Which of the following is part of a security posture assessment to identify security problems and provide solutions for resolving these problems?


Initial baseline configuration


Continuous security monitoring


Remediation


Reporting


Remediation


Part of a security posture assessment to not only identify security problems but also offer a solution for the problem.


You have configured a firewall in your office to block external traffic from reaching the company network. Which type of access control does a firewall use?


Role-based access control


Rule-based access control


Discretionary access control


Mandatory access control

Rule-based access control


Involves creating rules on a system to determine which actions are allowed or not allowed.


You have been hired by a company as a security consultant. The company uses a customized application that references several database servers to manage client information. Users complain that multiple logins are required when using the application. Which of the following authentication methods could you recommend to resolve the issue?


Kerberos


SSO


CHAP


RADIUS


SSO


Single Sign-on


Which of the following options is Kerberos an example of?


Implicit Deny


Access Control


Single sign-on


Trusted OS

Single Sign-on


Which of the following uses a token device consisting of an internal clock to help determine when to generate a user password?


PAP


CHAP


HOTP


TOTP

TOTP


In high-security environments it may be required to configure a PDS. Which of the following is TRUE regarding an alarmed carrier PDS?


It requires periodic inspections


It requires continuous human observation


It is located above the ceiling or below the floor


All connections should be permanently sealed

It is located above the ceiling or below the floor