ALL

Question 1

<p>what is a public cloud?</p>

Answer 1

<p>the standard cloud computing model where a service provider makes resources available to the public over the internet</p>

Question 2

<p>what does OS fingerprinting involve?</p>

Answer 2

<p>using active fingerprinting to look at the ports (open/closed and the types of responses) and passive fingerprinting to examine the traffic to and from the computer (looking for the default window size or TTL of packets)</p>

Question 3

<p>what are the three main protocols that can be used for wireless networks?</p>

Answer 3

<p>wired equivalent privacy (WEP), WPAv1, WPAv2</p>

Question 4

<p>what is the purpose of infrastructure as a service (IaaS) in cloud computing?</p>

Answer 4

<p>it provides computer and server infrastructure, typically through a virtualization environment</p>

Question 5

<p>what do you use to control traffic from the internet to the LAN (local area network) by controlling the packets that are allowed to enter the LAN?</p>

Answer 5

<p>a firewall</p>

Question 6

<p>what is the most common type of system used to detect intrusions into a computer network?</p>

Answer 6

<p>NIDS</p>

Question 7

<p>what is the purpose of PaaS in cloud computing?</p>

Answer 7

<p>it provides not only a virtualized deployment platform but also a value-added solution stack and an application development platform</p>

Question 8

<p>what is the term for an unauthorized access that a network-based intrusion detection system (NIDS) fails to detect?</p>

Answer 8

<p>missed detection or false positive</p>

Question 9

<p>what does the acronym IDS denote?</p>

Answer 9

<p>Intrusion detection system</p>

Question 10

<p>what is the main difference between an IDS and an IPS?</p>

Answer 10

<p>an IDS detects intrusions. an IPS prevents intrusions</p>

Question 11

<p>what does the acronym ACL denote?</p>

Answer 11

<p>access control list</p>

Question 12

<p>what devices can limit the effectiveness of sniffing attacks: switches or routers?</p>

Answer 12

<p>switches</p>

Question 13

<p>what are the two major types of intrusion detection systems (IDS)?</p>

Answer 13

<p>network IDS (NIDS) and host IDS (HIDS)</p>

Question 14

<p>which type of IDS detects attack on individual devices?</p>

Answer 14

<p>host intrusion detection system (HIDS)</p>

Question 15

<p>which layer 3 device allows different logical networks to communicate?</p>

Answer 15

<p>router</p>

Question 16

<p>what is the default rule found in a firewall's access control list (ACL)?</p>

Answer 16

<p>deny all</p>

Question 17

<p>what does the acronym NIDS denote?</p>

Answer 17

<p>network-based intrusion detection system</p>

Question 18

<p>which security control is lost when using cloud computing?</p>

Answer 18

<p>physical control of the data</p>

Question 19

<p>what is the term for an authorized access that a network-based intrusion detection system (NIDS) incorrectly detects as an attack?</p>

Answer 19

<p>false positive</p>

Question 20

<p>what are the four types of cloud computing based on management type?</p>

Answer 20

<p>public, private, hybrid, and community</p>

Question 21

<p>what is hybrid cloud?</p>

Answer 21

<p>a cloud computing environment in which an organization provides and manages some resources in-house and has others provided externally via a public cloud</p>

Question 22

<p>what is multi-tenancy cloud?</p>

Answer 22

<p>a cloud model where multiple tenants share the resources. this model allows the service providers to manage the resource utilization more efficiently</p>

Question 23

<p>which type of system identifies suspicious patterns that may indicate a network or system attack?</p>

Answer 23

<p>intrusion detection system (IDS)</p>

Question 24

<p>why is data isolation used in cloud environments?</p>

Answer 24

<p>to ensure that tenant data in a multi-tenant solution is isolated from other tenant' data using a tenant ID in the data labels</p>

Question 25

<p>which information do routers use to forward packets to their destinations?</p>

Answer 25

<p>the network address and subnet mask</p>

Question 26

<p>what does the acronym HIDS denote?</p>

Answer 26

<p>host-based intrusion detection system</p>

Question 27

<p>what is a community cloud?</p>

Answer 27

<p>an infrastructure that is shared among several organizations from a specific group with common computing concerns</p>

Question 28

<p>what is the purpose of software as a service (SaaS) in cloud computing?</p>

Answer 28

<p>it ensures on-demand, online access to an application suite without the need for local installation</p>

Question 29

<p>what is a single-tenancy cloud?</p>

Answer 29

<p>a cloud model where a single client or organization uses a resource</p>

Question 30

<p>what OS footprinting do?</p>

Answer 30

<p>it performs the fingerprinting steps as well as gathering additional information, such as polling DNS (check the status/survey), registrar queries, and so on</p>

Question 31

<p>which type of IDS detects malicious packets on a network?</p>

Answer 31

<p>network intrusion detection system (NIDS)</p>

Question 32

what is lightweight extensible authentication protocol (LEAP)?

Answer 32

a proprietary wireless LAN authentication method developed by Cisco Systems

Question 33

which type of analysis involves identifying traffic that is abnormal?

Answer 33

anomaly analysis

Question 34

which wireless protocol provides the best security: WEP, WAP, WPA, or WPA2?

Answer 34

WPA2 with CCMP

Question 35

which category of IDS might increase logging activities, disable a service, or close a port as a response to a detected security breach?

Answer 35

active detection

Question 36

what does the acronym SIEM denote?

Answer 36

security information and event management

Question 37

what should you do to ensure that a wireless access point signal does not extend beyond it needed range?

Answer 37

reduce the power levels

Question 38

which type of analysis involves examining information in the header of the packet?

Answer 38

protocol analysis

Question 39

what is the purpose of MAC filtering?

Answer 39

to restrict the clients that can access a wireless network

Question 40

what is protected extensible authentication protocol (PEAP)?

Answer 40

a protocol that encapsulates the EAP within an encrypted and authenticated TLS tunnel

Question 41

what are the two modes of WAP and WPA2?

Answer 41

personal (also called preshared key or WPA-PSK / WPA2-PSK) and enterprise

Question 42

what type of analysis focuses on the long term direction in the increase or decrease in a particular type of traffic?

Answer 42

trend analysis

Question 43

which security protocol is the standard encryption protocol for use with the WPA2 standard?

Answer 43

counter mode cipher block chaining message authentication code protocol (CCMP)

Question 44

which security protocol was designed as an interim solution to replace WEP without requiring the replacement of legacy hardware?

Answer 44

temporal key integrity protocol (TKIP)

Question 45

which intrusion detection system (IDS) watches for intrusions that match a known identity?

Answer 45

signature-based IDS

Question 46

which software can collect logs from specified devices, combine the logs, and analyze the combined logs for security issues?

Answer 46

security information and event management (SIEM)

Question 47

what doe heuristic analysis do?

Answer 47

it determines the susceptibility of a system towards a particular threat/risk using decision rules or weighing methods

Question 48

which protocol does the enterprise mode of WPA and WPA2 use for authentication?

Answer 48

extensible authentication protocol (EAP)

Question 49

which wireless mode ensures that wireless clients can only communicate with the wireless access point and not with other wireless clients?

Answer 49

isolation mode

Question 50

which type of IDS or IPS uses an initial database of known attack types but dynamically alters their signatures base on learned behavior?

Answer 50

heuristic

Question 51

what doe packet analysis do?

Answer 51

it examines the entire packet, including the payload

Question 52

what are the non-overlapping channels for 802.11g/n?

Answer 52

channels 1,6, and 11

Question 53

what are the non-overlapping channels for 802.11b?

Answer 53

channels 1,6,11, and 14

Question 54

what is the most secure implementation of file transfer protocol (FTP)?

Answer 54

secure file transfer protocol (SFTP)

Question 55

what is the name for a hole in the security of an application deliberately left in place by a designer?

Answer 55

backdoor

Question 56

which malicious software infects a system without relying upon other applications for its execution?

Answer 56

a worm

Question 57

what does an anti-virus application signature file contain?

Answer 57

it contains identifying information about viruses

Question 58

which application or services uses TCP/UDP port 3389?

Answer 58

remote desktop protocol (RDP)

Question 59

which port number is used by TFTP?

Answer 59

UDP port 69

Question 60

what is the name for a fix that addresses a specific windows system problem or set of problems?

Answer 60

hotfix

Question 61

which firewall port should you enable to allow SMTP trafic to flow through the firewall?

Answer 61

port 25

Question 62

how many TCP/UDP ports are vulnerable to malicious attacks?

Answer 62

65,536

Question 63

which type of virus can change its signature to avoid detection?

Answer 63

polymorphic

Question 64

what is the default PPTP port?

Answer 64

TCP port 1723

Question 65

what is the purpose of NAC?

Answer 65

network access control (NAC) ensures that the computer on the network meets an organization’s security policies

Question 66

using role-based access control (RBAC), which entities are assigned roles?

Answer 66

users or subjects

Question 67

what is the name of the area that connects to a firewall and offers services to untrusted networks?

Answer 67

DMZ

Question 68

which virus creates many variants by modifying its code to deceive antivirus scanners?

Answer 68

polymorphic virus

Question 69

which port should you block at your network firewall to prevent telnet access?

Answer 69

port 23

Question 70

what is a good solution if you need to separate two departments into separate networks?

Answer 70

VLAN segregation

Question 71

which port number does LDAP use for communications encrypted using SSL/TLS?

Answer 71

port 636

Question 72

which type of code performs malicious acts only when a certain set of conditions occurs?

Answer 72

a logic bomb

Question 73

which firewall port should you enable to allow IMAP4 traffic to flow through the firewall?

Answer 73

TCP port 143

Question 74

which two port does FTP use?

Answer 74

ports 20 and 21

Question 75

what does VLAN segregation accomplish?

Answer 75

it protects each individual segment by isolating the segments

Question 76

which port number does HTTP use?

Answer 76

port 80

Question 77

which port numbers are used by NetBIOS?

Answer 77

ports 137, 138, 139

Question 78

which type of malware appears to perform a valuable function, but actually performs malicious acts?

Answer 78

trojan horse

Question 79

which port number does LDAP use when communications are not secured using SSL/TLS?

Answer 79

port 389

Question 80

what does the acronym RBAC denote?

Answer 80

role-based access control

Question 81

which viruses are written in macro language and typically infect operating systems?

Answer 81

macro viruses

Question 82

who can change a resource’s category in a mandatory access control environment?

Answer 82

administrators only

Question 83

which port number does NNTP (network news transfer protocol) use?

Answer 83

TCP port 119

Question 84

what is a trojan horse?

Answer 84

malware that is disguised as a useful utility, but is embedded with a malicious code to infect computer systems

Question 85

which port number does NTP use?

Answer 85

port 123

Question 86

what does the acronym DAC denote?

Answer 86

discretionary access control

Question 87

which firewall port should you enable to allow POP3 traffic to flow through the firewall?

Answer 87

TCP port 110

Question 88

which port number does DHCP use?

Answer 88

port 67

Question 89

which port number is used by SSL, FTPS, and HTTPS?

Answer 89

TCP port 443

Question 90

which port number is used by SSH, SCP, and SFTP?

Answer 90

port 22

Question 91

what is the default L2TP port?

Answer 91

UDP port 1701

Question 92

which type of access control associates roles with each user?

Answer 92

role-based access control (RBAC)

Question 93

why should you install a software firewall and the latest software patches and hotfixes on your computer?

Answer 93

to reduce security risks

Question 94

what is the name for a collection of hotfixes that have been combined into a single patch?

Answer 94

a service pack

Question 95

which type of access control is the multi-level security mechanism used by the department of defense (DoD)?

Answer 95

mandatory access control (MAC)

Question 96

which port number does DNS use?

Answer 96

port 53

Question 97

which port number is used by SMB?

Answer 97

tcp port 445

Question 98

what is a file considered in a mandatory access control environment?

Answer 98

an object

Question 99

what is the purpose of anti-spam application or filters?

Answer 99

to prevent unsolicited e-mail

Question 100

which type of access control was originally developed for military use?

Answer 100

mandatory access control (MAC)

Question 101

when should you install a software patch on a production server?

Answer 101

after the patch has been tested

Question 102

which type of access control is most suitable for top-secret information?

Answer 102

mandatory access control (MAC)

Question 103

which port number does SNMP use?

Answer 103

UDP port 161

Question 104

in a secure network, what should be the default permission position?

Answer 104

implicit deny

Question 105

which port number does SSH use?

Answer 105

port 22

Question 106

which type of virus attempts to hide from antivirus software and from the operating system by remaining in memory?

Answer 106

stealth

Question 107

which port is used for LDAP authentication?

Answer 107

port 389

Question 108

which self-replicating computer program sends copies of itself to other devices on the network?

Answer 108

worm

Question 109

which port number is used by microsoft SQL server?

Answer 109

tcp port 1433

Question 110

which TCP port number does secure sockets layer (SSL) use?

Answer 110

port 443

Question 111

according to the CySA+ objectives, what are the six rules of engagement for penetration testing?

Answer 111

timingscopeauthorizationexploitationcommunicationreporting

Question 112

is a DHCP server normally placed inside a DMZ?

Answer 112

no

Question 113

what is meant by the term exploitation in regards to rules of engagement in penetration testing?

Answer 113

all exploits that will be attempted during a scan

Question 114

what is decomposition?

Answer 114

the process of breaking software or malware down to discover how it works

Question 115

what is meant by the term scope in regards to vulnerability testing?

Answer 115

the devices or parts of the network that can be scanned and the types of scans to be performed

Question 116

which technology enables a LAN to use one set of IP addresses for internal traffic and a second set of addresses for external traffic, while hiding internal addresses or address space?

Answer 116

NAT

Question 117

which assessment determines whether network security is properly configured to rebuff hacker attacks?

Answer 117

penetration test

Question 118

what is the purpose of network segmentation?

Answer 118

to isolate a group of devices

Question 119

what can be used to run a possibly malicious program in a safe environment?

Answer 119

sandbox

Question 120

which term is used for the process of verifying the integrity of a file by using a hashing algorithm?

Answer 120

fingerprinting or hashing

Question 121

what is the purpose of the blue team in a training exercise?

Answer 121

defending the device or network

Question 122

which documentation reduces the likelihood that you have received counterfeit equipment?

Answer 122

OEM (original equipment manufacturer) documentation

Question 123

which type of connectivity provides a remote user the ability to safely connect to his or her corporate network while maintaining data confidentiality and integrity?

Answer 123

VPN

Question 124

what is the purpose of the red team in a training exercise?

Answer 124

attacking the devices or network

Question 125

what is meant by the term timing in regards to penetration testing?

Answer 125

the time when the test should occur and when it should not occur

Question 126

what is the primary security advantage of using NAT?

Answer 126

NAT hides internal IP addresses from the public network

Question 127

what is meant by the term authorization in regards to penetration testing?

Answer 127

the written agreement and legal authority to perform a vulnerability test

Question 128

which type of test attempts to exploit vulnerabilities?

Answer 128

penetration test or pentest

Question 129

which type of test ONLY identifies vulnerabilities?

Answer 129

vulnerability test

Question 130

what is the purpose of rules of engagement for penetration testing?

Answer 130

they define how a penetration test should occur, including the factors that limit the penetration test

Question 131

what does the acronym OEM denote?

Answer 131

original equipment manufacturer

Question 132

which team acts as the referee during a training exercise?

Answer 132

white team

Question 133

what is the purpose of the Trusted Foundry?

Answer 133

it identifies trusted vendors and ensures a trusted supply chain for the united states department of defense (DoD)

Question 134

does each VLAN create its own collision domain or its own broadcast domain?

Answer 134

broadcast domain

Question 135

what should you consult to identify all systems that need to have a vulnerability scan?

Answer 135

the company’s asset inventory

Question 136

what is a flaw, loophole, or weakness in the system, software, or hardware?

Answer 136

vulnerabiltiy

Question 137

which scan has less of an impact on the network: agent-based or server-based?

Answer 137

agent-based vulnerability scans because they run on the device and only send the report to the centralized server

Question 138

what are the two main factors that CompTIA list as factors for prioritizing vulnerability remediation?

Answer 138

criticality and difficulty of implementation

Question 139

how often should vulnerability scans be carried out based on PCI-DSS standards?

Answer 139

every three months and whenever systems are updated

Question 140

which SCAP component provides standardized names for security-related software flaws?

Answer 140

common vulnerabilities and exposures (CVE)2

Question 141

what does the acronym CCE denote?

Answer 141

common configuration enumeration

Question 142

which systems provides CCE and CVE identifiers for vulnerability scans?

Answer 142

security content automation protocol (SCAP)

Question 143

which term is used for an agreement that is signed by two partnering companies?

Answer 143

business partners agreement (BPA)

Question 144

what does the acronym CVE denote?

Answer 144

common vulnerabilities and exposures

Question 145

which term is used for an agreement between two or more parties where the parties cannot create a legally enforceable agreement?

Answer 145

memorandum of understanding (MoU)

Question 146

what does the acronym SCAP denote?

Answer 146

security content automation protocol

Question 147

which step of the vulnerability management process involves assessing the documented requirements and workflow to determine when scans should occur?

Answer 147

establish scanning frequency

Question 148

why should you document workflow prior to setting up a vulnerability scan?

Answer 148

to help provide business constraints for the scan

Question 149

which step of the vulnerability management process involves documenting the regulatory environment and corporate policy, classifying data, and obtaining an asset inventory?

Answer 149

identify requirements

Question 150

in which situation will you accept a risk?

Answer 150

when the cost of the safeguard exceeds the amount of the potential loss

Question 151

why should you deploy remediation in a sandbox environment?

Answer 151

to test the effects of the remediation to ensure that the devices will be able to function properly after deployment

Question 152

what is the process for the vulnerability management process?

Answer 152

1. identify requirements2. establish scanning frequency3. configure the tools to perform the scans according to specifications4. execute the scan5. generate scan reports6. provide remediation for discovered vulnerabilities

Question 153

what does the acronym CVSS denote?

Answer 153

common vulnerability scoring system

Question 154

what is a service level agreement (SLA)?

Answer 154

a contract between a network service provider and a customer that specifies the services the network service provider will furnish

Question 155

which range of CVSS scores indicates low priority?

Answer 155

0.1 to 3.9

Question 156

what is meant by the term vulnerability feed?

Answer 156

the updates to the vulnerability scanner that ensures that the scanner is able to recognize newly discovered vulnerabilities

Question 157

which range of CVSS scores indicates high priority?

Answer 157

7.0 to 8.9

Question 158

what happens with an agent-based vulnerability scan?

Answer 158

agents are installed on the devices to run the scan and send the report to a centralized server

Question 159

which range of CVSS scores indicates medium priority?

Answer 159

4.0 to 6.9

Question 160

what is the recommended action when the cost of the safeguard exceeds the amount of the potential loss for a given risk?

Answer 160

to accept the risk

Question 161

which permissions should you assign the account used for the vulnerability scans?

Answer 161

read only

Question 162

which SCAP component provides standard names for product names and versions?

Answer 162

common platform enumeration (CPE)

Question 163

which step of the vulnerability management process includes scanning criteria, such as sensitivity levels, vulnerability feed, and scope?

Answer 163

configure the tools to perform the scans according to specifications

Question 164

which range of CVSS scores indicates critical priority?

Answer 164

9.0 to 10.0

Question 165

what is meant by the scope of a vulnerability scan?

Answer 165

the range of hosts or subnets included in the scan

Question 166

what is the purpose of a discovery vulnerability scan?

Answer 166

to create an inventory of assets based on host or service discovery

Question 167

which SCAP component provides a standardized metric that measures and describes the severity of security-related software flaws?

Answer 167

common vulnerability scoring system (CVSS)

Question 168

what is the term Nessus uses for vulnerability feeds?

Answer 168

plug-ins

Question 169

which type of vulnerability scan includes the appropriate permissions for the different data types?

Answer 169

credentialed scan

Question 170

what does a CVSS score of 0 indicate?

Answer 170

no issues

Question 171

what are the FIVE inhibitors to remediation after a vulnerability scan?

Answer 171

MOUsSLAsOrganizational GovernanceBusiness process interruptionDegrading functionality

Question 172

what does the acronym CPE denote?

Answer 172

common platform enumeration (CPE)

Question 173

what are the three possible values of the availability (A) metric of the CVSS vector, and what do they stand for?

Answer 173

N - NoneP - PartialC - Complete

Question 174

which value of the authentication (Au) metric of the CVSS vector means no authentication mechanisms are in place to stop the exploitation of the vulnerability?

Answer 174

N

Question 175

which CVSS metric describes the authentication on attacker would need to get through to exploit the vulnerability?

Answer 175

the authentication (Au) metric

Question 176

which value of the access vector (AV) metric of the CVSS vector indicates that the attacker must have physical access to the affected system?

Answer 176

L

Question 177

which value of the Access Vector (AV) metric of the CVSS vector indicates the attacker can cause the vulnerability from any network?

Answer 177

N

Question 178

which value of the confidentiality (C) metric of the CVSS vector means all information on the system could be compromised?

Answer 178

C

Question 179

which value of the Confidentiality (C) metric of the CVSS vector means some access to information would occur?

Answer 179

P

Question 180

what are the three possible values of the Access Vector (AV) metric of the CVSS vector, and what do they stand for?

Answer 180

L - LocalA - AdjacentN - Network

Question 181

which CVSS metric describes the difficulty of exploiting the vulnerability?

Answer 181

the access complexity (AC) metric

Question 182

which CVSS metric describes the information disclosures that may occur if the vulnerability is exploited?

Answer 182

the confidentiality (C) metric

Question 183

what are the three main possible values of the authentication (Au) metric of the CVSS vector, and what do they stand for?

Answer 183

M - MultipleS - SingleN - None

Question 184

which value of the availability (A) metric of the CVSS vector means system performance is degraded?

Answer 184

P

Question 185

which CVSS metric describes how the attacker would exploit the vulnerability?

Answer 185

the access vector (AV) metric

Question 186

which value of the integrity (I) metric of the CVSS vector means some information modification would occur?

Answer 186

P

Question 187

what are the three possible values of the confidentiality (C) metric of the CVSS vector, and what do they stand for?

Answer 187

N - NoneP - PartialC - Complete

Question 188

which value of the integrity (I) metric of the CVSS vector means all information on the system could be compromised?

Answer 188

C

Question 189

which value of the Access Complexity (AC) metric of the CVSS vector means the vulnerability does not require special conditions?

Answer 189

L

Question 190

which value of the availability (A) metric of the CVSS vector means the system is completely shut down?

Answer 190

C

Question 191

which CVSS metric describes the disruption that might occur if the vulnerability is exploited?

Answer 191

the availability (A) metric

Question 192

what should you do for the false positives in a vulnerability scanning report once you have verified that they are indeed false?

Answer 192

configure exceptions for the false positives in the vulnerability scanner

Question 193

what is meant by the term false negative in a vulnerability scan?

Answer 193

when the vulnerability scan indicated no vulnerabilities existed when, in fact, one was present

Question 194

which value of the access vector (AV) metric of the CVSS vector indicates the attacker must be on the local network?

Answer 194

A

Question 195

which value of the integrity (I) metric of the CVSS vector means there is no integrity impact?

Answer 195

N

Question 196

which CVSS metric describes the type of data alteration that might occur?

Answer 196

the integrity (I) metric

Question 197

which value of the Confidentiality (C) metric of the CVSS vector means there is no confidentiality impact?

Answer 197

N

Question 198

which value of the authentication (Au) metric of the CVSS vector means the attacker would need to get through two or more authentication mechanisms?

Answer 198

M

Question 199

which value of the authentication (Au) metric of the CVSS vector means the attacker would need to get through one authentication mechanism?

Answer 199

S

Question 200

what are the three possible values of the Access Complexity (AC) metric of the CVSS vector, and what do they stand for?

Answer 200

H - HighM - MediumL - Low

Question 201

what are the three possible values of the integrity (I) metric of the CVSS vector, and what do they stand for?

Answer 201

N - NoneP - PartialC - Complete

Question 202

which value of the Availability (A) metric of the CVSS vector means there is no availability impact?

Answer 202

N

Question 203

which value of the Access Complexity (AC) metric of the CVSS vector means the vulnerability requires somewhat special conditions?

Answer 203

M

Question 204

which value of the Access Complexity (AC) metric of the CVSS vector means the vulnerability requires special conditions that are hard to find?

Answer 204

H

Question 205

what should you do if you expect that there are false positives in a vulnerability scanning report?

Answer 205

verify the false positives to ensure that you can eliminate them from the report

Question 206

in which type of attack is a user connected to a different web server than the one intended by the user?

Answer 206

hyperlink spoofing attack

Question 207

what is meant by VM escape?

Answer 207

viruses and malware can migrate multiple VMs on a single server

Question 208

which type of system does a stuxnet attack target?

Answer 208

a supervisory control and data acquisition (SCADA) system

Question 209

which type of attack involves flooding a recipient e-mail address with identical e-mails?

Answer 209

spamming attack

Question 210

what is a replay attack?

Answer 210

an attack where an intruder records the communication between a user and a server, and later plays the recorded information back to impersonate the user

Question 211

what is the purpose of GPS tracking on a mobile device?

Answer 211

it allows a mobile device to be located

Question 212

what is a command injection?

Answer 212

when an operating system command is submitted in an HTML string

Question 213

what is war chalking?

Answer 213

leaving signals about a wireless network on the outside of the building where it is housed

Question 214

which attack is an extension of the denial-of-service (DoS) attack and uses multiple computers?

Answer 214

DDoS attack

Question 215

which component of a computer use policy indicates that data stored on a company computer is not guaranteed to remain confidential?

Answer 215

a no expectation of privacy policy

Question 216

how do you ensure that data is removed from a mobile device that has been stolen?

Answer 216

use a remote wipe or remote sanitation program

Question 217

what is phishing?

Answer 217

when an e-mail request for confidential information that appears to originate from a bank or other trusted institution is received

Question 218

what is click-jacking?

Answer 218

a technique that is used to trick users into revealing confidential information or taking over the user’s computer when clicking links

Question 219

what does the acronym SCADA denote?

Answer 219

supervisory control and data acquisition

Question 220

which type of attack allows an attacker to redirect internet traffic by setting up a fake DNS server to answer client requests?

Answer 220

DNS spoofing

Question 221

what is the purpose of screen locks on mobile devices?

Answer 221

to prevent users from accessing the mobile device until a password or other factor is entered

Question 222

which type of attack is characterized by an attacker who records an encrypted transmission between a client and a server computer so that he or she can then send it to the server to gain access?

Answer 222

a replay attack

Question 223

why is it important to limit the use of flash drives and portable music devices by organization employees?

Answer 223

to prevent users from copying data to their personnel devices and possibly causing data leakage or from transferring malware to corporate computers

Question 224

which type of attack is characterized by an attacker who situates himself or herself in such a way that he or she can intercept all traffic between two hosts?

Answer 224

man-in-the-middle

Question 225

should virtual servers have the same information security requirements as physical servers?

Answer 225

Yes

Question 226

what is a smurf attack?

Answer 226

an attack where a ping request is sent to a broadcast network address with the aim of overwhelming the system

Question 227

what causes VM sprawl to occur?

Answer 227

when multiple VMs become difficult to manage

Question 228

what is an Xmas attack?

Answer 228

an attack that looks for open ports

Question 229

what is an XML injection?

Answer 229

when a user enters values in an XML query that takes advantage of security loopholes

Question 230

what is the purpose of SCADA?

Answer 230

to collect data from factories, plants, or other remote locations, and send the data to a central computer that manages and controls the data

Question 231

what does the acronym ICS denote?

Answer 231

industrial control system

Question 232

which servers are susceptible to the same type of attacks as their hosts, including denial of service attacks, detection attack, and escape attacks?

Answer 232

virtual servers

Question 233

what is spear phishing?

Answer 233

an e-mail request for confidential information that appears to come from your supervisor

Question 234

what is the main difference between virtualization and cloud computing?

Answer 234

the location and ownership of the physical components

Question 235

what is an evil twin?

Answer 235

an access point with the same SSID as the legitimate access point

Question 236

what is vishing?

Answer 236

a special type of phishing that uses VoIP

Question 237

where should you physically store mobile devices to prevent theft?

Answer 237

in a locked cabinet or safe

Question 238

what is whaling?

Answer 238

a special type of phishing that targets a single power user, such as Chief Executive Officer (CEO)

Question 239

what is the purpose of a remote sanitation application on a mobile device?

Answer 239

to ensure that the data on the mobile device can be erased remotely in the event the mobile device is lost or stolen

Question 240

which address is faked with IP spoofing attacks?

Answer 240

the source IP address

Question 241

what is bluesnarfing?

Answer 241

the act of gaining unauthorized access to a device (and the network it is connected to) through its bluetooth connection

Question 242

which attack uses clients, handles, agents, and targets?

Answer 242

DDoS attack

Question 243

when does path traversal occur?

Answer 243

when the ../ characters are entered into the URL to traverse directories that are not supposed to be available from the Web

Question 244

what is war driving?

Answer 244

the act of discovering unprotected wireless network by driving around with a laptop

Question 245

which type of attack does challenge handshake authentication protocol (CHAP) protect against?

Answer 245

replay

Question 246

what does the acronym DDoS denote?

Answer 246

distributed denial of service

Question 247

what is header manipulation?

Answer 247

when a hacker is able to manipulate a packet header to deface, hijack, or poison the packet

Question 248

what is bluejacking?

Answer 248

an attack that sends unsolicited messages over a bluetooth connection

Question 249

which attack requires that the hacker compromise as many computers as possible to initiate the attack?

Answer 249

DDoS attack

Question 250

what is an IP spoofing attack?

Answer 250

an attack in which the source IP address in an IP datagram is modified to imitate the IP address of a packet originating from an authorized source

Question 251

which type of attack searches long lists of words for a particular language to match them to an encrypted password?

Answer 251

dictionary attack

Question 252

why is GPS tracking often disabled?

Answer 252

it is considered a security threat. as long as GPS tracking is enabled and the mobile device is powered on, the device (and possibly its user) can be located

Question 253

what is spimming?

Answer 253

an instance of spam sent over an instant message application

Question 254

what is malicious insider?

Answer 254

an employee who uses his access to the network and facility to obtain confidential information

Question 255

what is the purpose of a screen lock on a mobile device?

Answer 255

to act as a deterrent if a mobile device is lost or stolen by requiring a key combination to activate the device

Question 256

encrypting all files on a system hardens which major component of a server?

Answer 256

the file system

Question 257

what is an IV attack?

Answer 257

cracking the WEP secret key using the initialization vector (IV)

Question 258

what is pharming?

Answer 258

traffic redirection to a web site that looks identical to the intended web site

Question 259

what is the purpose of mobile device encryption?

Answer 259

to ensure that the contents of the mobile device are confidential

Question 260

which type of attack sequentially generates every possible password and checks them all against a password file?

Answer 260

brute force attack

Question 261

which type of brute-force attack attempts to find any two hashed messages that have the same value?

Answer 261

a birthday attack

Question 262

what does the acronym MTD denote?

Answer 262

maximum tolerable downtime

Question 263

what is MTBF?

Answer 263

the estimated amount of time a device will operate before a failure occurs

Question 264

what are the four types of personally identifiable information (PII)?

Answer 264

personal characteristics - such as full name, DoB, height, ethnicity, place of birth, mother’s maiden name, and biometric characteristicsa unique set of numbers assigned to an individual - such as government ID number, telephone number, driver’s license number, and PINdescriptions of events or points in time - such as arrest records, employment records, and medical recordsdescription of locations or places - such as GPS tracking information

Question 265

what does the acronym RTO denote?

Answer 265

recovery time objective

Question 266

what does the acronym MTBF denote?

Answer 266

mean time between failures

Question 267

what does the acronym RPO denote?

Answer 267

recovery point objective

Question 268

which two factors should contribute to incident severity and prioritization?

Answer 268

impact scope and the type of data affected

Question 269

which attack is one discovered in live environments for which no current fix or patch exists?

Answer 269

zero-day attack

Question 270

what is RTO?

Answer 270

the shortest time period after a disaster or disruptive event within which a resource or function must be restored to avoid unacceptable consequences

Question 271

which impact scope factor refers to the amount of data corrupted or altered during the incident?

Answer 271

data integrity

Question 272

what does the acronym PHI denote?

Answer 272

personal health information

Question 273

what is meant by economic factor of an incident?

Answer 273

the cost of the incident to the organization

Question 274

which impact scope factor refers to the amount of time taken to recover from the incident?

Answer 274

recovery time

Question 275

which attack type targets a specific entity and is carried out over a long period of time?

Answer 275

advanced persistent threat (APT)

Question 276

which impact scope factor refers to the amount of time access to resource were interrupted?

Answer 276

downtime

Question 277

what is MTD?

Answer 277

the maximum amount of time that an organization can tolerate a single resource or function being down

Question 278

what does the acronym PII denote?

Answer 278

personally identifiable information

Question 279

what is RPO?

Answer 279

the point in time to which the disrupted resource or function must be returned

Question 280

what is the best method to preserve evidence on a computer: bit stream backup or standard backup?

Answer 280

bit stream backup

Question 281

what is the order of volatility from most volatile to least volatile?

Answer 281

registers, cacheswap spacerouting table, ARP cache, process table, kernel statistics, and memorytemporary file systemsdiskremote logging and monitoring data that is relevant to the system in question

Question 282

what are the FOUR documents/forms that should be part of forensic kit?

Answer 282

chain of custody form, incident response plan, incident form, call list/escalation list

Question 283

what is a write blocker?

Answer 283

a tool that permits read-only access to data storage devices without compromising the integrity of the data

Question 284

what is the purpose of imaging utilities included in a forensic kit?

Answer 284

to create a bit-level copy of drives

Question 285

what are the NINE components that should be included in a forensic kit?

Answer 285

1. digital forensics workstation2. write blockers3. cables4. drive adaptors5. wiped removable media6. camera7. crime tape8. tamper-proof seals9. documentation/forms

Question 286

what is the purpose of the chain of custody form?

Answer 286

it will indicate who has handled the evidence, when they handled it, and the order in which the handler was in possession of the evidence

Question 287

which condition must be true of the hash values of a file to prove the file is unaltered?

Answer 287

the hash values must remain the same

Question 288

what is a SCADA device?

Answer 288

a system operating with coded signals over communication channels that provides control of remote equipment

Question 289

what is the purpose of tamper-proof seals?

Answer 289

to ensure that the chain of custody is maintained

Question 290

what is the purpose of hashing utilities included in a forensic kit?

Answer 290

to create a hash value of files so that you can prove that certain evidence has not been altered during your possession of the evidence

Question 291

what is the proper life cycle of evidence steps?

Answer 291

collection, analysis, storage, court presentation, and return to owner

Question 292

what is a digital forensics workstation?

Answer 292

a dedicated workstation for processing an investigation that includes special tools and utilities that make the process easier and more productive

Question 293

what is the purpose of an incident form?

Answer 293

it is used to describe the incident in detail

Question 294

why should the proper chain of custody be ensured?

Answer 294

so that evidence will be admissible in court

Question 295

what is the purpose of the analysis utilities included in a forensic kit?

Answer 295

to analyze the bit-level copy that is created for that purpose

Question 296

what are the three basic questions answered by the chain of custody?

Answer 296

who controlled the evidencewho secured the evidencewho obtained the evidence

Question 297

when evidence is seized, which principle should be emphasized?

Answer 297

chain of custody

Question 298

what is indicated when the hash values on a file are different?

Answer 298

the file has been altered

Question 299

which stakeholder in the incident response process communicates the importance of the incident response plan to all parts of the organization, creates agreements detailing the authority of the IR team to take over business systems if necessary, and creates decision systems for determining when key systems must be removed from the network?

Answer 299

upper management

Question 300

which stakeholder in the incident response process creates newsletters and other educational materials to be used in employee response training and coordinates with the legal team to prepare media responses and internal communications regarding incidents before they occur?

Answer 300

marketing

Question 301

what are the FOUR main stakeholder groups for the incident response process?

Answer 301

HR, Legal, Marketing, Management

Question 302

which stakeholder in the incident response process reviews the NDA to ensure legal support for incident response efforts, develops the wording of documents used to contact sites and organizations possibly affected by an incident that originated with your company’s software, hardware, or services, and assesses site liability for illegal computer activity?

Answer 302

Legal

Question 303

what is the role of law enforcement in the incident response process?

Answer 303

to assist the investigation and in some cases take over the investigation when a crime has been committed

Question 304

which stakeholder in the incident response process develops job descriptions for those persons who will be hired for positions involved in incident response and creates policies and procedures that support the removal of employees found to be engaging in improper or illegal activity?

Answer 304

HR

Question 305

what is the role of the technical IT staff in the incident response process?

Answer 305

to recognize, identify, and react to incidents, and to provide support in analyzing those incidents when an incident has occurred

Question 306

what are the FOUR main purposes of the incident response communication process?

Answer 306

limit communication to trusted partiesdisclosure based on regulatory/legislative requirementsprevent inadvertent release of informationuse secure method of communication

Question 307

what is data exfiltration?

Answer 307

the unauthorized copying, transfer or retrieval of data from a computer or server

Question 308

what should you do if you discover rogue devices on the network?

Answer 308

locate and remove them

Question 309

what happens in vertical privilege escalation?

Answer 309

the attacker obtains higher privileges by performing operations that allow the attacker to run unauthorized code

Question 310

what are the SIX network-related symptoms of incidents?

Answer 310

bandwidth consumptionbeaconingirregular peer-to-peer communicationrogue devices on the networkscan sweepsunusual traffic spikes

Question 311

what is meant by anomalous activity?

Answer 311

activity that is outside the norms

Question 312

when does an escalation of privileges attack occur?

Answer 312

when an attacker has used a design flaw in an application to obtain unauthorized access to the application

Question 313

what are scan sweeps?

Answer 313

an attempt by an unauthorized entity to map your network

Question 314

what happens in horizontal privilege escalation?

Answer 314

the attacker obtains the same level of permissions as he already has but uses a different user account to do so

Question 315

what are the eight host-related symptoms of an incident?

Answer 315

processor consumptionmemory consumptiondrive capacity consumptionunauthorized softwaremalicious processesunauthorized changes

Question 316

what is beaconing?

Answer 316

when malware attempts to remotely connect to a command and control host or network

Question 317

what are the SIX application-related symptoms of incidents?

Answer 317

anomalous activityintroduction of new accountsunexpected outputunexpected outbound communicationservice interruptionmemory overflows

Question 318

what is the best way to determine the attack vector used by a hacker?

Answer 318

reverse engineering

Question 319

why should a first responder be familiar with the incident response plan?

Answer 319

to ensure that the appropriate procedures are followed

Question 320

which eradication technique reinstalling the operating system, applying all system updates, reinstalling the anti-malware software, and implementing any organizational security settings?

Answer 320

reconstruction or re-imaging

Question 321

what are the FOUR validation techniques?

Answer 321

patching, verifying permissions, scanning, verifying logging/communication to security monitoring

Question 322

what is the name of the security process that involves recognition, verification, classification, containment, and analysis?

Answer 322

incident response

Question 323

what are the THREE eradication techniques?

Answer 323

sanitization, reconstruction or re-image, secure disposal

Question 324

what are the FOUR containment techniques?

Answer 324

segmentation, isolation, removal, reverse engineering

Question 325

which containment techniques involves limiting the scope of the incident by leveraging existing segments of the network as barriers to prevent the spread of the incident to other segments?

Answer 325

segmentation

Question 326

which containment technique involves retracing the steps in the incident as seen from the logs in the affected devices or in logs of infrastructure devices that may have been involved?

Answer 326

reverse engineering

Question 327

what is the name of the group of people appointed to respond to security incidents?

Answer 327

incident response team

Question 328

which type of review should be completed last as part of incident response?

Answer 328

a post-mortem review

Question 329

which containment technique involves either by blocking all traffic to and from the device or devices or shutting down the device or devices’ interfaces?

Answer 329

isolation

Question 330

what are the SEVEN steps in a FORENSIC INVESTIGATION?

Answer 330

1. identification2. preservation3. collection4. examination5. analysis6. presentation

Question 331

which eradication technique removes all tracers of the threat by overwriting the drive multiple times to ensure all data is destroyed?

Answer 331

sanitization

Question 332

in which location should all changes made to your organization’s network and computers be listed?

Answer 332

in the change management system

Question 333

what are the FIVE steps in the INCIDENT RESPONSE PROCESS?

Answer 333

contain, eradicate, validate, corrective action, reporting

Question 334

what is incident management?

Answer 334

the activities of an organization to identify, analyze, and correct risks as they are identified

Question 335

which audit category will audit all instances of users exercising their rights?

Answer 335

the audit privilege use audit category

Question 336

what is another term for logical controls?

Answer 336

technical controls

Question 337

which type of controls dictates how security policies are implemented to fulfill the company’s security goals?

Answer 337

administrative or management control

Question 338

what is the name of the process for removing only the incriminating data from the audit logs?

Answer 338

scrubbing

Question 339

which type of controls is implemented to secure physical access to an object, such as building, a room, or a computer?

Answer 339

physical or operational control

Question 340

which type of controls include developing policies and procedures, screening personnel, conducting security awareness training, and implementing change control?

Answer 340

administrative controls

Question 341

what is the purpose of administrative controls?

Answer 341

to implement security policies based on procedures, standards, and guidelines

Question 342

what is the purpose of password complexity rules?

Answer 342

to ensure that users do not use passwords that are easy to guess using dictionary attacks

Question 343

what must you do for an effective security auditing policy, besides creating security logs?

Answer 343

analyze the logs

Question 344

what is the purpose of physical controls?

Answer 344

to work with administrative and technical controls to enforce physical access control

Question 345

which audit category tracks access to all objects outside active directory?

Answer 345

the audit object access audit category

Question 346

which password attack does an account lockout policy protect against?

Answer 346

a brute force attack

Question 347

if a user needs administrative-level access, how many user accounts should be issued to the user?

Answer 347

two - one for normal tasks, one for administrative-level tasks

Question 348

which setting ensures that accounts are not used beyond a certain data and/or time?

Answer 348

account expiration

Question 349

what are you trying to determine if you implement audit trails to ensure that users are not performing unauthorized functions?

Answer 349

accountability

Question 350

which setting ensures that users periodically change their account passwords?

Answer 350

password expiration

Question 351

what is the name for the process of tracking user activities by recording selected events in the server activity logs?

Answer 351

auditing

Question 352

which document is used when it is necessary to invoke legal action against an employee for inappropriate use of computer resources?

Answer 352

acceptable use policy

Question 353

which type of controls includes access control mechanisms, password management, identification methods, authentication methods, and security devices?

Answer 353

technical or logical controls

Question 354

what are the FIVE stages in the life cycle of the evidence or the chain of custody?

Answer 354

1. collection of evidence from the site2. analysis of the evidence by a team of experts3. storage of the evidence in a secure place to ensure that the evidence is not tampered with4. presentation of the evidence by legal experts in a court of law5. returning the evidence to the owner after the proceedings are over

Question 355

what is the purpose of audit logs?

Answer 355

to document actions taken on a computer network and the party responsible for those actions

Question 356

which type of controls work to protect system access, network architecture and access, control zones, auditing, and encryption and protocols?

Answer 356

technical controls

Question 357

what is the purpose of technical controls?

Answer 357

to restrict access to objects and protect availability, confidentiality, and integrity

Question 358

when should an administrative account be used?

Answer 358

when performing administrative-level tasks

Question 359

which linux file contains encrypted user passwords that only the root user can read?

Answer 359

/etc/shadow

Question 360

what is the purpose of password age rules?

Answer 360

to ensure that users change their passwords on a regular basis

Question 361

which account should you rename immediately after installing a new operating system (OS) to harden the OS?

Answer 361

the administrator account

Question 362

which assessment examines whether network security practices follow a company’s security policy?

Answer 362

an audit

Question 363

which audit category monitors changes to user accounts and groups?

Answer 363

the audit account management audit category

Question 364

what is the purpose of the password history settings?

Answer 364

to ensure that users do not keep reusing the same passwords

Question 365

which setting ensures that repeated attempts to guess a user’s password is not possible beyond the configured value?

Answer 365

account lockout

Question 366

which account should you disable immediately after installing a new operating system (OS) to harden the OS?

Answer 366

the guest account

Question 367

which log in event viewer should you open to view events that are generated based on your auditing settings?

Answer 367

the security log

Question 368

what is a good password complexity policy?

Answer 368

a mixture of numbers, uppercase and lowercase letters, and special characters, such as rObin3*nest

Question 369

which audit category tracks all attempts to log on with a domain user account when enabled on domain controllers?

Answer 369

the audit account logon events audit category

Question 370

which type of controls includes controlling access to different parts of a building, implementing locking systems, installing fencing, implementing environmental controls, and protecting the facility perimeter?

Answer 370

physical controls

Question 371

what is the top-most level of the LDAP hierarchy?

Answer 371

root

Question 372

what is the primary function of LDAP?

Answer 372

lightweight directory access protocol (LDAP) controls client access to directories

Question 373

what are flood guards?

Answer 373

devices that protect denial of service (DoS) attacks

Question 374

what does the acronym RADIUS denote?

Answer 374

remote authentication dial-in user service

Question 375

what are the two types of eye scans?

Answer 375

iris scans and retinal scans

Question 376

which type of authentication is accomplished by authenticating both the client and server sides of a concentration through the encrypted exchange of credentials?

Answer 376

mutual authentication

Question 377

what does the acronym TACACS denote?

Answer 377

terminal access controller access control system

Question 378

which function does a single sign-on (SSO) system provide?

Answer 378

it allows a user to present authentication credentials once and gain access to all computers within the SSO system

Question 379

what is the purpose of federated identity management?

Answer 379

it allows single sign-on (SSO) between companies

Question 380

what does the acronym KDC denote?

Answer 380

key distribution center

Question 381

which authentication protocol uses UDP: TACACS+ or RADIUS?

Answer 381

RADIUS

Question 382

which security-server application and protocol implements authentication and authorization of users from a central server over TCP?

Answer 382

terminal access controller access control system plus (TACACS+)

Question 383

which authentication protocol is an open standard: TACACS+ or RADIUS?

Answer 383

RADIUS

Question 384

which authentication system includes clients, servers, and a key distribution center (KDC)?

Answer 384

kerberos

Question 385

which authentication protocol separates authentication and authorization: TACACS+ or RADIUS?

Answer 385

TACACS+

Question 386

which Cisco implementation is similar to a RADIUS implementation?

Answer 386

TACACS

Question 387

what are the two components of the kerberos key distribution center?

Answer 387

authentication server (AS) and ticket-granting server (TGS)

Question 388

which access control model is based on the data’s owner implementing and administering access control?

Answer 388

discretionary access control (DAC)

Question 389

which eye scan measures the pattern of blood vessels at the back of the eye?

Answer 389

retinal scan

Question 390

scanning fingerprints is an example of which authentication technique

Answer 390

biometrics

Question 391

using role-based access control (RBAC), which entities are assigned roles?

Answer 391

users or subjects

Question 392

which kerberos component holds all users’ and services’ cryptographic keys and generates tickets?

Answer 392

key distribution center (KDC)

Question 393

who has the responsibility for configuring access rights in discretionary access control (DAC)?

Answer 393

the data owner or data custodian

Question 394

what is the most important biometric system characteristic?

Answer 394

accuracy

Question 395

which type of attack can turn a switch into a hub?

Answer 395

MAC flooding

Question 396

what does the acronym MAC denote?

Answer 396

mandatory access control

Question 397

which type of eye scan is considered more intrusive than other eye scans?

Answer 397

retinal scan

Question 398

which fingerprint scan will analyze fingerprint ridge direction?

Answer 398

minutiae matching

Question 399

why is password disclosure a significant security issue in a single sign-on network?

Answer 399

it could compromise the entire system because authentication grants access to any systems on the network to which the actual user may have permission

Question 400

which access control model has the lowest cost?

Answer 400

role-based access control (RBAC)

Question 401

what does the acronym SSO denote?

Answer 401

single sign-on

Question 402

which authentication protocol encrypts the entire packet (not just the password): TACACS+ or RADIUS?

Answer 402

TACACS+

Question 403

which authentication protocol uses tickets to authenticate users?

Answer 403

Kerberos

Question 404

which function does RADIUS provide?

Answer 404

centralized authentication, authorization, and accounting for remote dial-in users

Question 405

which security-server application and protocol implement authentication of users from a central server over UDP?

Answer 405

remote authentication dial-in user service (RADIUS)

Question 406

which directory protocol does directory-enabled networking (DEN) use?

Answer 406

lightweight directory access protocol (LDAP)

Question 407

which access control model uses security labels for each resource?

Answer 407

mandatory access control (MAC)

Question 408

what are the two advantages of single sign-on (SSO)?

Answer 408

convenience and centralized administration

Question 409

which access control model requires assigning security clearance levels to users, such as secret, top-secret, and confidential?

Answer 409

mandatory access control (MAC)

Question 410

which internet protocol based on X.500 is used to access the data stored in a network directory?

Answer 410

lightweight directory access protocol (LDAP)

Question 411

what is the purpose of RADIUS?

Answer 411

remote access dial-in user service (RADIUS) enables remote access users to log on to a network through a shared authentication database

Question 412

which ethernet standard uses a wireless access point with a remote authentication dial-in user service (RADIUS) server to authenticate wireless users?

Answer 412

802.1x

Question 413

which type of authentication combines two or more authentication methods, like something that a person knows (such as password), something that a person owns (such as a smart card), and a characteristic about the person (such as a fingerprint)?

Answer 413

multi-factor authentication

Question 414

which technique is used to prevent network bridging?

Answer 414

network separation

Question 415

on which standard is lightweight directory access protocol (LDAP) based?

Answer 415

X.500

Question 416

what are the two types of ciphers?

Answer 416

block and streaming

Question 417

what is most commonly used to provide proof of message’s origin?

Answer 417

a digital signature

Question 418

which key is used to decrypt a digital signature: public or private?

Answer 418

public

Question 419

which cryptographic technique is based on a combination of two keys: a secret (private) key and a public key?

Answer 419

public-key cryptography

Question 420

in asymmetric encryption for a digital signature, which key is used for encryption: public or private?

Answer 420

private

Question 421

what are mandatory vacations?

Answer 421

administrative controls that ensure that employees take vacations at periodic intervals

Question 422

what are two other names for single-key cryptography?

Answer 422

symmetric key encryption and secret-key encryption

Question 423

which type of cryptography is more secure: symmetric or asymmetric?

Answer 423

asymmetric

Question 424

which security measure prevents fraud by reducing the chances of collusion?

Answer 424

separation of duties

Question 425

what are the three issues that symmetric data encryption fails to address?

Answer 425

data integrity, repudiation, scalable key distribution

Question 426

to provide checks and balances and to prevent one person from gaining too much power over a system, which type of security policy should you implement?

Answer 426

separation of duties

Question 427

what is the term for the process that applies a one-way mathematical function called a message digest function to an arbitrary amount of data?

Answer 427

hashing

Question 428

what is a dual control?

Answer 428

when two operators work together to accomplish a sensitive task

Question 429

what is segregation of duties?

Answer 429

when a sensitive activity is segregated into multiple activities and tasks are assigned to different individuals to achieve a common goal

Question 430

what is another name for public-key encryption?

Answer 430

asymmetric encryption

Question 431

what is another term used for layered security?

Answer 431

defense in depth

Question 432

what is job rotation?

Answer 432

when an individual can fulfill the tasks of more than one position in the organization and duties are regularly rotated to prevent fraud

Question 433

what is the opposite of confidentiality?

Answer 433

disclosure

Question 434

what is the purpose of filters on a web server?

Answer 434

they limit the traffic that is allowed through

Question 435

what is the purpose of sandbox in a java applet?

Answer 435

it prevents java applets from accessing unauthorized areas on a user’s computer

Question 436

which error condition arises because data is not checked before input to ensure that it has an appropriate length?

Answer 436

buffer overflow errors

Question 437

when does fuzzing occur?

Answer 437

when unexpected values are provided as input to an application to make the application crash

Question 438

what are the FIVE phases of the system development life cycle (SDLC)?

Answer 438

1. initiation2. development and acquisition3. implementation and assessment4. operations and maintenance5. disposal

Question 439

what is the purpose of a decompiler?

Answer 439

to re-create the source code in some high-level language

Question 440

which type of attack runs code within another process’s address space by making it load a dynamic link library?

Answer 440

a DLL injection attack

Question 441

what is the purpose of fuzz testing?

Answer 441

to identify bugs and security flaws within an application

Question 442

what are alternate terms for cross-site request forgery (XSRF)?

Answer 442

session riding or one-click attack

Question 443

which application hardening method requires that your organization periodically checks with the application vendor?

Answer 443

patch management

Question 444

what is the most significant misuse of cookies?

Answer 444

misuse of personal data

Question 445

when does fuzzing occur?

Answer 445

when unexpected values are provided as input to an application in an effort to make the application crash

Question 446

what does a race condition typically attack?

Answer 446

the delay between time of check (TOC) and time of use (TOU)

Question 447

when does a cross-site scripting (XSS) attack occur?

Answer 447

it occurs when an attacker locates a vulnerability on a web site that allows the attacker to inject malicious code into a web application

Question 448

what is the name for a small piece of information that is saved on a client machine on the hard disk to enable tracking of user information on future web visits?

Answer 448

a cookie

Question 449

what is the purpose of an application disassembler?

Answer 449

to read and understand the raw language of the program

Question 450

what is the purpose of a fail-safe error handler?

Answer 450

to ensure that the application stops working, reports the error, and closes down

Question 451

what is an application backdoor?

Answer 451

lines of code that are inserted into an application to allow developers to enter the application and bypass the security mechanisms

Question 452

what is cross-site request forgery (XSRF)?

Answer 452

unauthorized commands coming from a trusted user to a user or web site, usually through social networking

Question 453

what should application developers do to prevent race condition attack?

Answer 453

create code that processes exclusive-lock resources in a certain sequence and unlocks them in reverse order

Question 454

what is the best protection against cross-site scripting? (XSS)?

Answer 454

disable the running of scripts

Question 455

what is the purpose of secure code review?

Answer 455

it examines all written code for any security holes that may exist

Question 456

what is a cookie?

Answer 456

a web client test file that stores persistent settings for a web server

Question 457

what is the purpose of input validation?

Answer 457

to ensure that data being entered into a database follows certain parameters

Question 458

what is the purpose of application hardening?

Answer 458

it ensures that an application is secure and unnecessary services are disabled

Question 459

which error occurs when the length of the input data is more than the length that processor buffers can handle?

Answer 459

buffer overflow

Question 460

which type of attack is characterized by an attacker who takes over the session of an already authenticated user?

Answer 460

hijacking

Question 461

what is a zero-day exploit?

Answer 461

an attack that exploits a security vulnerability on the day the vulnerability becomes generally known

Question 462

when does a persistent XSS attack occur?

Answer 462

when data provided to the web application is first stored persistently on the server and later displayed to users without being encoded using HTML on the Web client

Question 463

which type of attack intercepts an established TCP session?

Answer 463

TCP hijacking or session hijacking

Question 464

which type of attack enables an intruder to capture and modify data traffic by rerouting the traffic from a network device to the intruder’s computer?

Answer 464

network address hijacking

Question 465

what are the FIVE monitoring tools analyst need to know?

Answer 465

MRTG (multi router traffic grapher)NagiosSolarWindsCactiNetflow Analyzer

Question 466

what is wireshark?

Answer 466

a protocol analyzer or packet sniffer

Question 467

what are the THREE IPS tools?

Answer 467

sourcefiresnortbro

Question 468

what is unit testing?

Answer 468

the debugging performed by the programmer while coding instructions

Question 469

what are the THREE categories of exploit tools?

Answer 469

interception proxyexploit frameworkfuzzers

Question 470

what error condition arises because data is not checked before input to ensure that it has an appropriate length?

Answer 470

buffer overflow errors

Question 471

what is the purpose of content inspection?

Answer 471

to search for malicious code or behavior

Question 472

what are the TWO exploit framework tools analyst need to know?

Answer 472

Metasploit, Nexpose

Question 473

what are the six SIEM tools analyst need to know?

Answer 473

Arcsight, QRadar, Splunk, AlienVault, OSSIM, Kiwi Syslog

Question 474

what is microsoft baseline security analyzer?

Answer 474

a microsoft application that creates security reports

Question 475

what are TWO examples of input validation errors?

Answer 475

buffer overflow and boundary condition errors

Question 476

what is a proxy server?

Answer 476

a server that caches and filters content

Question 477

what are the seven categories of preventive tools?

Answer 477

IPSFirewallAnti-VirusAnti-malwareEnhanced Mitigation Experience Toolkit (EMET)Web proxyWeb application firewall

Question 478

which error occurs when the length of the input data is more than the length that processor buffers can handle?

Answer 478

a buffer overflow

Question 479

what is the most popular intrusion detection system (IDS)?

Answer 479

network-based IDS

Question 480

what are the three interception proxy tools analyst need to know?

Answer 480

Burp SuiteZapVega

Question 481

what does the acronym IDS denote?

Answer 481

intrusion detection system

Question 482

what are the SEVEN command-line tools analyst need to know?

Answer 482

netstatpingtracert/tracerouteipconfig/ifconfignslookup/digSysinternalsOpenSSL

Question 483

what is the difference between a password checker and a password cracker?

Answer 483

there is no difference. they are the same tools

Question 484

what are the SIX vulnerability scanning tools analyst need to know?

Answer 484

QualysNessusOpenVASNexposeNiktoMicrosoft Baseline Security Analyzer

Question 485

what are the TWO password cracking tools analyst need to know?

Answer 485

john the rippercain and abel

Question 486

what are the five forensic suite tools analyst need to know?

Answer 486

EnCaseFTK (forensic toolkit)HelixSysinternalsCellebrite

Question 487

which type of control is an intrusion detection system (IDS)?

Answer 487

detective technical

Question 488

which type of vulnerability assessment is more likely to demonstrate the success or failure of a possible attack?

Answer 488

a double-blind test

Question 489

what is Nessus?

Answer 489

a network vulnerability scanner

Question 490

what are the THREE categories of analytical tools?

Answer 490

vulnerability scanningmonitoring toolsinterception proxy

Question 491

what are the THREE web application firewalls (WAFs) analyst need to know?

Answer 491

ModSecurityNAXSIImperva

Question 492

what is the imaging tool analysts need to know?

Answer 492

DD

Question 493

what are the two hashing tools analyst need to know?

Answer 493

MD5sumSHAsum

Question 494

what is the network scanning tool analyst need to know?

Answer 494

NMAP

Question 495

what activity provides identification of security flaws and verification of levels of existing resistance?

Answer 495

penetration testing

Question 496

what are the THREE fuzzer tools analyst need to know?

Answer 496

UntidyPeach FuzzerMicrosoft SDL File/Regex Fuzzer

Question 497

what are the FOUR categories of forensics tools?

Answer 497

forensics suiteshashingpassword crackingimaging

Question 498

what are the four packet capture tools analyst need to know?

Answer 498

wiresharktcpdumpnetwork generalaircrack-ng

Question 499

which tool obtains a visual map of the topology of your network, including all devices on the network?

Answer 499

a network mapper, also referred to as a network enumerator

Question 500

what are the THREE firewall vendors analyst need to understand?

Answer 500

Cisco, Palo Alto, Check Point

Question 501

which tool should you use to retrieve the contents of a GET request: a protocol analyzer or port scanner?

Answer 501

protocol analyzer

Question 502

what are the SIX categories of collective tools?

Answer 502

SIEMNetworking scanningVulnerability scanningPacket captureCommand-line utilitiesIDS