300

Question 1

A message and management protocol for TCP/IP

Answer 1

Internet Control Message Protocol (ICMP)

Question 2

An international organization that works under the Internet Architecture Board to establish standards and protocols relatings to the Internet

Answer 2

Internet Engineering Task Force (IETF)

Question 3

The network layer responsible for routing - IP addressing - and packaging

Answer 3

Internet layer

Question 4

A protocol with a store-and-forward capability

Answer 4

Internet Message Access Protocol (IMAP)

Question 5

The protocol in the TCP/IP suite responsible for network addressing

Answer 5

Internet Protocol (IP)

Question 6

A set of protocols that enable encryption - authentication - and integrity over IP

Answer 6

Internet Protocol Security (IPSec)

Question 7

A professional membership group composed primarily of Internet experts

Answer 7

Internet Society (ISOC)

Question 8

The act of entering a system without authorization to do so

Answer 8

intrusion

Question 9

Tools that identify and respond to attacks using defined rules or logic

Answer 9

intrusion detection system (IDS)

Question 10

Penetration-type testing that involves trying to break into the network

Answer 10

intrusive tests

Question 11

Making the data look as if it came from a trusted host when it didn’t (thus spoofing the IP address of the sending host)

Answer 11

IP spoofing

Question 12

A protocol that enables the creation of storage area networks (SANs) and is used in sending storage-related commands over IP networks

Answer 12

iSCSI (Internet Small Computer Systems Interface)

Question 13

An attack that involves looking at repeated results in order to crack the WEP secret key

Answer 13

IV attack

Question 14

Purposely obstructing or interfering with a signal

Answer 14

jamming

Question 15

A policy of rotating employees through various jobs

Answer 15

job rotation policy

Question 16

The ability of a filesystem to use a log file of all changes and transactions that have occurred within a set period of time (for example - the last few houres) If a crash occurrs - the operating system can look at the log files to see what transactions have been committed and which ones have not

Answer 16

journaling

Question 17

An authentication scheme that uses tickets (unique keys) embedded within messages

Answer 17

Kerberos

Question 18

A principle that states that the security of an algorithm should depend only on the secrecy of the key and not on the secrecy of the algorithm itself

Answer 18

Kerckhoffs’s principle

Question 19

An organization or facility that generates keys for users and is a part of Kerberos

Answer 19

key distribution center (KDC)

Question 20

An agency that stores keys for the purpose of law-enforcement access

Answer 20

key escrow agency

Question 21

A method of offering mutual authentication and establishing data encryption keys

Answer 21

Key Exchange Algorithm (KEA)

Question 22

The act of creating keys for use by users

Answer 22

key generation

Question 23

The temporary deferment of a key for a period of time (such as for a leave of absence

Answer 23

key suspension

Question 24

The wait time between the call for an action or activity and the actual execution of that action

Answer 24

latency

Question 25

The concept that access differs at different levels

Answer 25

lattice-based control

Question 26

A tunneling protocol often used with virtual private networks (VPNs) L2F was developed by Cisco

Answer 26

Layer 2 Forwarding (L2F)

Question 27

A tunneling protocol that adds functionality to the Point-to-Point (PPP) This protocol was created by Microsoft and Cisco - and it is often used with virtual private networkds (VPNs)

Answer 27

Layer 2 Tunneling Protocol (L2TP)

Question 28

Exploiting weaknesses in LDAP (Lightweight Directory Access Protocol) Implementations by not properly filtering input

Answer 28

LDAP injection attack

Question 29

A permission method in which users are granted only the privileges necessary to perform their job function

Answer 29

least privilege

Question 30

The policy of giving a user only the minimum permissions needed to do the work that must be done

Answer 30

least privilege policy

Question 31

A set of protocols that was derived from x

Answer 31

Lightweight Directory Access Protocol (LDAP)

Question 32

An authentication protocol created by Cisco as an extension to EAP

Answer 32

Lightweight Extensible Authentication Protocol (LEAP

Question 33

Assigning a quantitative number to the chance that something will occur

Answer 33

likelihood

Question 34

Limiting network access to a list of the MAC addresses associated with known users computers

Answer 34

MAC filtering

Question 35

A software exploitation virus that works by using the macro feature included in many applications - such as Microsoft Office

Answer 35

macro virus

Question 36

Any code that is meant to do harm

Answer 36

malicious code

Question 37

A threat from someone inside the organization intent on doing harm

Answer 37

malicious insider threat

Question 38

A security policy in which labels are used to identify the sensitivity of objects

Answer 38

Mandatory Access Control

Question 39

A policy requiring earned vacation time be used or lost

Answer 39

mandatory vacation policy

Question 40

An attack that occurs when someone/something that is trusted intercepts packets and retransmits them to another party

Answer 40

man-in-the-middle

Question 41

A device - such as a small room - that limits access to one or a few individuals

Answer 41

mantrap

Question 42

The measurement of the anticipated incidence of failure of a system or component

Answer 42

mean time between failures (MTBF)

Question 43

The measurement of the average of how long it takes a system or compnent to fail

Answer 43

mean time to failure (MTTF)

Question 44

The measurement of how long it takes to repair a system or component once a failure occurs

Answer 44

mean time to restore (MTTR)

Question 45

A sublayer of the Data Link layer of the Open Systems Interconection (OSI) model that controls the way multiple devices use the same media channel

Answer 45

Media Access Control (MAC)

Question 46

A trust model that expands the concepts of the bridge model by supporting multiple paths and multiple root certificate authorities

Answer 46

mesh trust model

Question 47

A common method of verifying integrity

Answer 47

Message Authentication Code (MAC)

Question 48

The cryptographic hash containing a string of digits within a message

Answer 48

message digest

Question 49

In a three-tier database model - this server accepts requests from clients - evaluates them - and then sends them on to the database server for processing

Answer 49

middle-tier server

Question 50

An intrusion detection system that works by detecting misuse

Answer 50

misuse-detection IDS (MD-IDS)

Question 51

Residing on more than one network

Answer 51

multihomed

Question 52

A virus that attacks a system in more than one way

Answer 52

multipartite virus

Question 53

Whenever two or more parties authenticate each other

Answer 53

mutual authentication

Question 54

An agency (formerly known as the National Bureau of Standards [NBS]) that has been involved in developing and supporting standards for the US government for over 100 years

Answer 54

National Institute of Standards and Technology (NIST)

Question 55

The US government agency responsible for protecting US communications and producing foreign intelligence information

Answer 55

National Security Agency (NSA

Question 56

An organization with the purpose of collecting “known - traceable software applications” through their hash values and storing them in a Reference Data Set (RDS) for law enforcement

Answer 56

National Software Reference Library (NSRL

Question 57

Technology that requires a user to bring the client close to the AP in order to verify (often through the RFID or Wi-Fi) that the device is present

Answer 57

near field communication (NFC)

Question 58

An early networking protocol from Microsoft

Answer 58

NetBIOS

Question 59

The set of standards defined by the network for clients attempting to access it

Answer 59

network access control (NAC)

Question 60

A server that acts as a go-between for clients accessing the Internet

Answer 60

Network Address Translation (NAT)

Question 61

The protocol Point-to-Point Protocol (PPP) employs for encapsulating network traffic

Answer 61

Network Control Protocol (NCP)

Question 62

An intrusion prevention system that is network based

Answer 62

network intrusion prevention system (NIPS)

Question 63

Another term for MAC filtering

Answer 63

network lock

Question 64

An approach to an intrusion detection system (IDS) - it attaches the system to a point in the network where it can monitor and report on all network traffic

Answer 64

network-based IDS (NIDS)

Question 65

Penetration/vulnerability testing that takes a passive approach rather than actually trying to break into the network

Answer 65

nonintrusive tests

Question 66

Making sure the sender can’t repudiate (dispute) sending the data

Answer 66

nonrepudiation

Question 67

A database that is not a relational database and does not use SQL

Answer 67

NoSQL database

Question 68

Storing data off the premise - usually in a secure location

Answer 68

offsite storage

Question 69

An antenna type that receives a signal from all directions

Answer 69

omnidirectional

Question 70

A database model in which the database and the application exist on a single system

Answer 70

one-tier model

Question 71

A type of encryption in which plain text is paired with secret keys and then encrypted

Answer 71

one-time pad

Question 72

A real-time protocol that replaces CRLs to immediately verify a certificate’s authenticity

Answer 72

Online Certificate Status Protocol (OCSP

Question 73

Storing backup data at the same site as the servers on which the original data resides

Answer 73

onsite storage

Question 74

A firewall technology that accepts or rejects packets based on their content

Answer 74

packet filtering

Question 75

The process of looking through message packets to find data

Answer 75

packet sniffing

Question 76

The computation of parity for a given set of data

Answer 76

parity information

Question 77

The correct method of extinguishing a fire with an extinguisher: pull - aim - squeeze and sweep

Answer 77

PASS method

Question 78

A nonactive response - such as logging

Answer 78

passive response

Question 79

Attempting to ascertain a password that you should not know

Answer 79

password attacks

Question 80

A fix for a known software problem

Answer 80

patch

Question 81

Password-Based Key Derivation Function 2 applies some function (like a hash or HMAC) to the password or passphrase along with Salt to produce a derived key

Answer 81

PBKDF2

Question 82

Security set up on the outside of the network or server to protect it

Answer 82

perimeter security

Question 83

Card required of federal employees and contractors to gain access (physical and logical) to government resources

Answer 83

Personal Identity Verification (PIV)

Question 84

Information that can be uniquely used to identify - contact - or locate a single person

Answer 84

personally identifiable information (PII)

Question 85

A virus that modifies and alters other programs and databases

Answer 85

phage virus

Question 86

A form of redirection in which traffic intended for one host is sent to another

Answer 86

pharming

Question 87

A form of social engineering in which you simply ask someone for a piece of information that you are missing by making it look as if it is a legitimate request

Answer 87

phishing

Question 88

A large Internet Control Message Protocol (ICMP) packet sent to overflow the remote host’s bugger

Answer 88

ping of death

Question 89

Standard telephone service - as opposed to other connection technologies like Digital Subscriber Line (DSL)

Answer 89

plain-old telephone service (POTS)

Question 90

A cloud service model wherein the consumer can deploy but does not manage or control any of the underlying cloud infrastructure

Answer 90

Platform as a Service (PaaS)

Question 91

When portable data storage devices (such as an iPod) are plugged directly into a machine and used to bypass the network security measures and illicitly download confidential information

Answer 91

pod slurping

Question 92

A full-duplex line protocol that supersedes Serial Line Internet Protocol (SLIP) Its part of the standard TCP/IP suite and is often used in dial-up connections

Answer 92

Point-to-Point Protocol (PPP)

Question 93

An extension to Point-to-Point Protocol (PPP) that is used in virtual private networks (VPNs) An Alternative to PPTP is L2TP

Answer 93

Point-to-Point Tunneling Protocol (PPTP)

Question 94

Rules or standards governing usage

Answer 94

policies

Question 95

An attribute of some viruses that allows them to mutate and appear differently each time they crop up

Answer 95

polymorphic

Question 96

A means of translating between ports on a public and private network

Answer 96

Port Address Translation (PAT)

Question 97

Scanning a server for open ports that can be taken advantage of by sending messages to ports to see which ones are available and which ones arent

Answer 97

port scanning

Question 98

Connections available within TCP/IP

Answer 98

ports

Question 99

An email access program that can be used to retrieve email from an email server

Answer 99

Post Office Protocol (POP)

Question 100

The protocol used to download email from an SMTP email server to a network client

Answer 100

Post Office Protocol Version 3 (POP3)