Checkpoint Exam: Principles, Practices, and Processes of Network Defense Flashcards
Which security management functino is concerned with the inventorry and control of hardware and software configurations of systems?
configuration management
vulnerability management
risk management
asset management
configuration management
What device would be used as a second line of dense in a defense-in-depth approach?
edge router
internal router
switch
firewall
firewall
Which security measure is typically foudn both inside and outside a data ccenter facility?
biometrics access
continuous video surveillance
a gate
exit sensors
security traps
continuous video surveillance
What is a characteristic of the security artichoke, defense-in-depth approach?
Threat actors can easily compromise all layers safeguarding the data or systems
Each layer has to be penetrated before the threat actor can reach the target data or system.
Threat actors no longer have to peel away each layer before reaching the target data or system.
Threat actors can no longer penetrate any layers safeguarding the data or system.
Threats actors no longer have to peel away each layer before reaching the target data or system.
Which two options are security best practices that help mitigate BYOD risks? (Choose two.)
Only turn on Wi-Fi when using the wireless network.
Only allow devices that have been approved by the corporate IT team.
use paint that reflects wireless signals and glass that prevents the signals from going outside the building.
Keep the device OS and software updated.
Decrease the wireless antenna gain level.
Use wireless MAC address filtering.
Only turn on Wi-Fi when using the wireless network
Kepe the device OS and software updated.
Which type of business policy establishes the rules of conduct and the responsibilities of employees and employers?
data
security
company
employee
company
Match the term to the description.
Threats
Vulnerabilities
Assets
piece them together
weaknesses in a ssytem or design
information or equipment valuable enough to an organization to warrant protection
potential dangers to a protected asset
Threats - potential dangers to a protected asset
Vulnerabilities - weaknesses in a system or design
Assets - Information or equipment valuable enough to an organization to warrant protection
Which network monitoring tool is in the category of network protocol analyzers?
Wireshark
SIEM
SPAN
SNMP
Wireshark
What is a strength of using a hashing function?
It is a one-way function and not reversible.
Two different files can be created that have the same output
It is not commonly used in security
It can take only a fixed length message
It has a variable length output
It is a one-way function and not reversible
A userr has created a new program and wants to distribute it to everyone in the company. The user wants to ensure that when the program is downloaded that the program is not changed while in transit. What can the user do to ensure that the program is not changed when downloaded?
Encrypt the program and require a password after it is downloaded.
Create a hash of the program file that can be used to verify the integrity of the file after it is downloaded.
Turn off antivirus on all the computers.
Install the program on individual computers.
Distribute the program on a thumb drive
Create a hash of the program file that can be used to verify the integrity of the file after it is downloaded.
What is a purpose of implementing VLANs on a network?
They eliminate network collisions
They prevent Layer 2 loops
They can separate user traffic
They allow switches to forward Layer 3 packets without a router.
They can separate user traffic
A user is purchasing a new server of the company data center. The user wants disk stripping with parity on three disks. Which RAID level should the user implement?
1+0
0
5
1
5
A company is developing an internet store website. Which protocl should be used to transfer credit card information from customers to the company web server?
FTPS
HTTP
HTTPS
SSH
WPA2
HTTPS
Why is asset management a critical function of a growing organization against securityt threats?
It serves to preserve an audit trail of all new purchases.
It allows for a build of a comprehensive AUP.
It identifies the ever increasing attack surface to threats.
It prevents theft of older assets that are decommissioned.
It identifies the ever increasing attack surface to threats.
What is an example of the implementation of phyiscal security?
ensuring that all operating system an antivirus software is up to date
encrypting all sensitive data that is stored on the servers
requiring employees to use a card key when entering a secure area
establishing personal firewalls on each computer
requiring employees to use a card key when entering a secure area
A large retail company uses EAP-based authentication in conjunction with 802.1X. When the client firrst initiates communication on the wireless network, which type of authentication method is used by the client to associate with the AP?
WPA3
Open Authentication
WPA
WPA2
Open Authentication
What are three examples of administrative access controls? (Choose three.)
hiring practices
background checks
encryption
guard dog
policies and procedures
intrusino detection system (IDS)
hiring practices
background checks
policies and procedures
Which access control model applies the strictest access contorl and is often used in military and mission critical applications?
attribute-based
nondiscretionary
mandatory
discretionary
mandatory
What is the purpose of the network security authentication function?
to keep track of the actions of a user
to require users to prove who they are
to determine which resource a user can access
to provide challenge and response questions
to require users to prove who they are
A network administrator is configuring an AAA server to manage RADIUS authentication. Which two features are included in RADIUS authentication? (Choose two.)
single process for authentication and authorization
encryption for only the data
encryption for all communication
separate processes for authentication and authorization
hidden passwords during transmission
single process for authentication and authorization
hidden passwords during transmission
Passwords, passphrases, and PINs are examples of which security term?
access
authentication
identification
authorization
authentication
An intern has started working in the support group. One duty is to set local policy for passwords on the workstations. What tool would be best to use?
grpol.msc
password policy
secpol.msc
system adminstration
account policy
secpol.msc
What is privilege escalation?
Everyone is given full rights by default to everything and rights are taken away only when someone abuses privileges.
A security problem occurs when high ranking corporate officials demand rights to systems or files that they should not have.
Someone is given rights because she or he has received a promotion
Vulnerabilities in systems are exploited to grant higher levels of privilege than someone or some process should have.
Vulnerabilities in systems are exploited to grant high erlevels of privilege than someone or some process should have.
Which access control model allows users to control access to data as an owner of that data?
nondiscretionary access control
mandatory access control
attribute-based access control
discretionary access control
discretionary access control
