Chapter 10 Flashcards
As a network administrator, you are asked to recommend a secure method for transferring data between hosts on a network. Which of the following protocols would you recommend? (Select two.)
SCP
RCP
SFTP
TDP
FTP
SCP
SFTP
Which of the following protocols uses port 443?
S-HTTP
SSH
S/MIME
HTTPS
HTTPS
Which TCP/IP protocol is a secure form of HTTP that uses SSL as a sub-layer for security?
SSH
DNS
SMTP
HTTPS
HTTPS
Which of the following tools allow remote management of servers? (Select two.)
SSL
Telnet
FTP
SSH
POP3
Telnet
SSH
SFTP uses which mechanism to provide security for authentication and data transfer?
SSH
Token devices
SSL
IPsec
SSH
When using SSL authentication, what does the client verify first when checking a server’s identity?
The certificate must be non-expiring and self-signed by the sysadmin.
The current date and time must fall within the server’s certificate-validity period.
All DNS resolution must point to the corporate intranet routers.
Master secrets are verifiable from asymmetric keys.
The current date and time must fall within the server’s certificate-validity period.
Which of the following protocols are often added to other protocols to provide secure transmission of data? (Select two.)
TLS
SNMP
SMTP
HTTPS
SSL
TLS
SSL
Which of the following protocols can TLS use for key exchange? (Select two.)
RSA
Diffie-Hellman
KEA
IKE
ECC
RSA
Diffie-Hellman
IPsec is implemented through two separate protocols. What are these protocols called? (Select two.)
AH
SSL
EPS
L2TP
ESP
AH
ESP
What is the primary function of the IKE Protocol used with IPsec?
Provide authentication services.
Provide both authentication and encryption.
Create a security association between communicating partners.
Encrypt packet contents.
Ensure dynamic key rotation and select initialization vectors (IVs).
Create a security association between communicating partners.
Which of the following is a technology that tries to detect and stop sensitive data breaches, or data leakage incidents, in an organization?
Data transmission security
Data loss prevention
Public key cryptography
Data hashing
Data loss prevention
Which rights management category is applied to music, videos, and software that is sold to consumers?
Static
Dynamic
IRM
DRM
DRM
Your organization is having a third party come in and perform an audit on the financial records. You want to ensure that the auditor has access to the data they need while keeping the customers’ data secure. To accomplish this goal, you plan to implement a mask that replaces the client names and account numbers with fictional data.
Which masking method are you implementing?
Encryption
Tokenization
Static
Dynamic
Dynamic
Which of the following BEST describes dynamic data masking? (Select two.)
It is helpful for data at rest in a database and can be specified by field or column.
It replaces original information with a mask that mimics the original in form and function.
Original data is made irretrievable through reverse-engineering.
It can be used to control which users can see the actual data.
It is good to use when making copies of a database for testing.
It replaces original information with a mask that mimics the original in form and function.
It can be used to control which users can see the actual data.
Which of the following DLP implementations can be used to monitor and control access to physical devices on workstations or servers?
File-level DLP
Cloud DLP
Endpoint DLP
Network DLP
Endpoint DLP
DLP can be used to identify sensitive files in a file system and then embed the organization’s security policy within the file.
Which of the following DLP implementations travels with sensitive data files when they are moved or copied?
Endpoint DLP
File-level DLP
Network DLP
Cloud DLP
File-level DLP
You have been offered a position as a security analyst for Acme, Inc. The position will be remote. Acme Inc. has sent you your employment contract using a system that only allows you to open and digitally sign the contract.
Which rights management method is being used?
DRM
Static
IRM
Dynamic
IRM
Which DLP method works by replacing sensitive data with realistic fictional data?
File-level DLP
Tokenization
Encryption
Masking
Masking
DLP can be implemented as a software or hardware solution that analyzes traffic in an attempt to detect sensitive data that is being transmitted in violation of an organization’s security policies.
Which of the following DLP implementations analyzes traffic for data containing such things as financial documents, social security numbers, or key words used in proprietary intellectual property?
Cloud DLP
Network DLP
Endpoint DLP
File-level DLP
Network DLP
Tokenization is another effective tool in data loss prevention. Tokenization does which of the following? (Select two.)
Allows continued control of access to the file, even when it’s no longer in your system
Allows a security policy to travel with a specific file, even when copied or moved
Protects data on its server with authentication and authorization protocols
Identifies sensitive files and embeds them within your security policies
Replaces actual data with a randomly generated alphanumeric character set
Protects data on its server with authentication and authorization protocols
Replaces actual data with a randomly generated alphanumeric character set
Which of the following attacks is a form of software exploitation that transmits or submits a longer stream of data than the input variable is designed to handle?
Smurf attack
Time-of-check to time-of-use attack
Buffer overflow attack
Data diddling
Buffer overflow attack
Having poor software development practices and failing to program input validation checks during development of custom software can result in a system vulnerable to which type of attack?
Superzapping
Denial-of-service attack
Dictionary attack
Buffer overflow attack
Buffer overflow attack
Which type of attack is the act of exploiting a software program’s free acceptance of input in order to execute arbitrary code on a target?
Data diddling
Covert channel exploitation
Buffer overflow attack
TOCTOU
Buffer overflow attack
Which of the following is an attack that injects malicious scripts into web pages to redirect users to fake websites to gather personal information?
Drive-by download
XSS
DLL injection
SQL injection
XSS
Which of the following is specifically meant to ensure that a program operates on clean, correct, and useful data?
Input validation
Error and exception handling
Application hardening
Process spawning
Input validation
You have a website that accepts input from users for creating customer accounts. Input on the form is passed to a database server where the user account information is stored.
An attacker is able to insert database commands in the input fields and have those commands execute on the server.
Which type of attack has occurred?
SQL injection
Buffer overflow
Cross-site scripting
DLL injection
SQL injection
An attacker inserts SQL database commands into a data input field of an order form used by a web-based application. When submitted, these commands are executed on the remote database server, causing customer contact information from the database to be sent to the malicious user’s web browser.
Which practice would have prevented this exploit?
Using the latest browser version and patch level
Implementing a script blocker
Implementing client-side validation
Installing antivirus, anti-spyware, pop-up blockers, and firewall software
Implementing client-side validation
Which of the following functions does a single quote (‘) perform in an SQL injection?
Indicates that everything after the single quote is a comment
Indicates that code is ending and a comment is being entered
Indicates that data has ended and a command is beginning
Indicates that the comment has ended and data is being entered
Indicates that data has ended and a command is beginning
As you browse the internet, you notice that when you go to some sites, multiple additional windows are opened automatically. Many of these windows contain advertisements for products that are inappropriate for your family to view.
Which tool can you implement to prevent these windows from showing?
Anti-spyware
Phishing filter
Antivirus
Anti-adware
Pop-up blocker
Pop-up blocker
While using a web-based order form, an attacker enters an unusually large value in the Quantity field.
The value he or she entered is so large that it exceeds the maximum value supported by the variable type used to store the quantity in the web application. This causes the value of the quantity variable to wrap around to the minimum possible value, which is a negative number.
As a result, the web application processes the order as a return instead of a purchase, and the attacker’s account is credited with a large sum of money.
Which practices would have prevented this exploit? (Select two.)
Installing the latest operating system updates
Installing antivirus, anti-spyware, pop-up blockers, and firewall software
Using the latest browser version and patch level
Implementing client-side validation
Implementing server-side validation
Implementing client-side validation
Implementing server-side validation
Which application development model approaches software development as a continuous, changing process with never-ending versions, bug fixes, and enhancements?
Code signing
Agile
Waterfall
Fuzz testing
Agile
You are performing a security test from the outside on a new application that has been deployed.
Which secure testing method are you MOST likely using?
Static
Dynamic
Runtime
Interactive
Dynamic
Which of the following enters random data to the inputs of an application?
Fuzzing
Validation rules
Routines
Application hardening
Fuzzing
Which of the following is the first step in the Waterfall application development model?
Design
Requirements
Maintenance
Implementation
Requirements
Which of the following are the two main causes of software vulnerabilities? (Select two.)
Obfuscation
Coding errors
Design flaws
Normalization
Fuzzing
Coding errors
Design flaws
Which of the following is considered a drawback of the Waterfall application development life cycle?
Development is broken into Sprints.
Each step in the life cycle only needs to be completed once before moving on to the next one.
Testing is performed throughout development.
Requirements are determined at the beginning and are carried through to the end product.
Requirements are determined at the beginning and are carried through to the end product.
You have just finished developing a new application. Before putting it on the website for users to download, you want to provide a checksum to verify that the object has not been modified.
Which of the following would you implement?
Normalization
Memory management
Code signing
Code obfuscation
Code signing
Which fuzz testing program type defines new test data based on models of the input?
Memory management
Code signing
Generation-based
Mutation-based
Generation-based
What is the storage location called that holds all the development source files that version control systems use?
Stored procedures
Normalization
Repository
Memory management
Repository
What is a set of software development tools called that can be installed as one unit and provides code frameworks or code snippets to help development go faster?
SDK
Repository
Code signing
Memory management
SDK