10 questions all domains practice 1 Flashcards

1
Q

When a penetration tester is doing gray box testing, what knowledge do they have?

  1. Full knowledge and privileged access to systems
  2. No knowledge other than what is publicly available
  3. All of these
  4. Partial knowledge, user or vendor access level
A

Partial knowledge, user or vendor access level.

Gray (grey) box (partial knowledge) pen testing: the tester has limited knowledge, such as that of a normal user, a vendor, or someone else with limited knowledge of the environment.

2
Q

On which type of networking circuit can the traffic use different paths?

  1. Packet switching
  2. Weighted routing tables
  3. Circuit switching
  4. Full traffic switching
A

Packet switching.

Packet switching: cheap, with no capacity guarantee, and very widely used today. Data is sent in packets, which can take multiple different paths to the destination; the packets are reassembled at the destination.

3
Q

Which suppression agent is the safest, but should be the last resort, in a data center fire?

  1. FM-200
  2. Powder
  3. Water
  4. Halon
A

Water

Water: removes the "heat" leg of the fire triangle by lowering the temperature. It is the safest suppression agent, but for data centers: water + hardware = dead hardware. It should always be a last resort, and electricity should always be cut before water is used.

4
Q

Which type of ROM can only be programmed once?

  1. EPROM
  2. PROM
  3. EEPROM
  4. APROM
A

PROM

PROM (Programmable Read Only Memory): can only be written once, normally at the factory.

5
Q

How do we define impact?

  1. A potential harmful incident
  2. Total risk after we have implemented our countermeasures.
  3. How bad is it if we are compromised, adding another vector to the risk calculation
  4. A weakness that can possibly be exploited
A

How bad is it if we are compromised, adding another vector to the Risk calculation.

Risk = Threat x Vulnerability. Impact can at times be added to give a fuller picture: Risk = Threat x Vulnerability x Impact (how bad is it?). Total Risk = Threat x Vulnerability x Asset Value. Residual Risk = Total Risk – Countermeasures.

6
Q

When implementing secure cabling in our building, what would be our cheapest option?

  1. Copper Ethernet
  2. Wireless
  3. Fiber Ethernet
  4. Coax copper
A

Fiber Ethernet.

The most secure cable type is fiber. It is only slightly more expensive than copper, and since we need both security and low cost, we would use fiber cables. Wireless is not a cable at all.

7
Q

How are patents protected?

  1. Protected for 20 years after filing
  2. Protected for 10 years at a time, can be renewed indefinitely
  3. Protected for 70 years after the creators death or 95 years for corporations
  4. You tell no one; if it is discovered, you are not protected.
A

Protected for 20 years after filing.

Patents protect inventions for 20 years (normally); cryptography algorithms can be patented. Inventions must be novel (a new idea no one has had before), useful (it is actually possible to use, and it is useful to someone) and nonobvious (inventive work was involved).

8
Q

You put a fire out by removing one of the legs of the fire triangle. Which of these is not one of them?

  1. Heat
  2. Light
  3. Fuel
  4. Oxygen
A

Light

A fire does not require light to burn. Fire suppression is done by removing one of the three things a fire requires: a fire needs oxygen, heat and fuel to burn, and removing any of the three will put the fire out. Removing oxygen is done by replacing the oxygen in the room with something else, or by covering the fire so the burning material has no access to oxygen (Halon, FM-200, Argon). Removing heat is done by adding chemicals or water to the fire, cooling it down. Removing fuel is rarely done, since the fuel is our equipment.

9
Q

A pen tester calls an employee, explains that they are the CEO's executive assistant, and says the employee needs to do what they are told. This is an example of:

  1. Authority
  2. Intimidation
  3. Scarcity
  4. Familiarity
A

Authority.

Social engineering uses people skills to bypass security controls. Authority (someone you trust or are afraid of): look and sound like an authority figure and be in charge; this can be in a uniform or a suit. Most effective with impersonation, whaling, and vishing attacks.

10
Q

When we apply standards and frameworks, we can use tailoring to do what?

  1. To pick and choose which parts of the standard or framework we want to implement
  2. To implement the full standard or framework, but implement different standards in some areas.
  3. Find out how much the implementation will cost us
  4. To see if the standard is a good fit for our organization.
A

To implement the full standard or framework, but implement different standards in some areas.

Tailoring is customizing a standard to your organization. For example: we will apply this standard, but we use stronger encryption (256-bit AES) in some areas.
