CHP 11

Question 1

fact

Answer 1

UDP is connectionless

Question 2

TLS

Answer 2

Transport Layer Security (TLS)
Security protocol that uses certificates for authentication and encryption to protect web communications and other application protocols.

Question 3

fact

Answer 3

TLS 1.3 is the removing the ability to perform downgrade attacks

Question 4

SASL

Answer 4

Simple Authentication and Security Layer (SASL) is a framework for adding authentication support to connection-based protocols.

Question 5

MIB

Answer 5

A Management Information Base (MIB) is a database used for managing the entities in a communication network. It is a hierarchical structure that stores information about network devices and their operational status, enabling network management protocols like SNMP (Simple Network Management Protocol) to monitor and control these devices.

Question 6

STARTTLS

Answer 6

STARTTLS is a command used to upgrade an existing plaintext communication connection to an encrypted connection using SSL/TLS. It is commonly used in various email and messaging protocols to secure the data transmission. STARTTLS method is generally more widely implemented than SMTPS

Question 7

IMAP

Answer 7

Internet Message Access Protocol (IMAP) is a standard email protocol that allows users to access and manage their emails on a mail server. Unlike POP3, which downloads emails to a local device, IMAP stores emails on the server, allowing access from multiple devices.

Question 8

SPF

Answer 8

Sender Policy Framework (SPF):

Purpose: Stops email spoofing.

Question 9

DKIM

Answer 9

Domain Keys Identified Mail (DKIM):

Purpose: Ensures email integrity.

Question 10

DMARC

Answer 10

Domain-based Message Authentication, Reporting & Conformance (DMARC):

Purpose: Combines SPF and DKIM to protect against email fraud.

Question 11

S/MIME

Answer 11

Secure/Multipurpose Internet Mail Extensions (S/MIME) is a standard for public key encryption and signing of MIME data. It provides a way to send and receive secure email messages.

Question 12

DNS

Answer 12

Domain Name System (DNS) is a hierarchical and decentralized naming system used to translate human-readable domain names (like www.example.com) into machine-readable IP addresses (like 192.0.2.1).

Question 13

fact

Answer 13

DoS attacks are hard to perform against the servers that perform Internet name resolution, but if an attacker can target the DNS server on a private network, it is possible to seriously disrupt the operation of that network.

Question 14

BIND

Answer 14

BIND (Berkeley Internet Name Domain) is the most widely used DNS server software on the Internet. It translates domain names into IP addresses and vice versa, facilitating the proper routing of internet traffic.

Question 15

DNS Footprinting

Answer 15

DNS Footprinting is the process of gathering information about an organization’s DNS infrastructure and associated domains. It is often a preliminary step in a broader cybersecurity assessment or penetration testing exercise.

Question 16

fact

Answer 16

secure coding practices that encourage developers to write code that prevents common vulnerabilities like SQL injection and cross-site scripting. Application security practices also mandate static application security testing (SAST) and dynamic application security testing (DAST).

Question 17

SEH

Answer 17

Structured Exception Handling (SEH) is a mechanism in Windows operating systems that provides a way to handle exceptions, which are unexpected or exceptional conditions that occur during the execution of a program.

Question 18

An educational institution’s systems administrator is responsible for securing the LDAP directory service for the organization’s computing resources. Which authentication method should the systems administrator implement to ensure secure access while minimizing opening extra ports on the firewall?

A.It requires no authentication method
B.Simple Bind authentication method
C.Simple Authentication and Security Layer
D.Lightweight Directory Access Protocol Secure

Answer 18

C

Question 19

A large multinational company wants to enhance the security of its computing resources. It considers applying common security techniques to protect sensitive data and prevent unauthorized access. Which security technique would be MOST suitable for securing computing resources?

A.GPS tagging to add geographical identification metadata to a company’s sensitive files
B.Add geofencing to create a virtual boundary around the company’s office premises
C.Indoor Positioning System to determine the physical position of employees’ devices
D.Applying context-aware authentication to restrict resource access based on user location

Answer 19

D

Question 20

A large finance company’s software developers are working on a new web application for their customers. The team has concerns about potential security vulnerabilities. Which security techniques should they consider implementing to enhance the security of their application from web-based attack techniques? (Select the two best options.)

A.Static code analysis
B.Code signing
C.Input validation
D.Secure cookies

Answer 20

C and D

Question 21

The IT administrator of a global banking organization is responsible for configuring email services. The administrator must ensure secure communication between servers and servers, as well as servers and clients. Which of the following statements about securing email protocols is true? (Select the two best options.)

A.Simple Mail Transfer Protocol Secure (SMTPS) is the most widely implemented and robust method for securing SMTP communications.
B.Port 465 is the recommended port for secure message submission over implicit transport layer security using STARTTLS command.
C.Post Office Protocol 3S (POP3S) operates over transmission control protocol port 995 by default for secured mailbox access.
D.Internet Message Access Protocol Secure allows multiple clients to connect to the same mailbox on port 143 simultaneously.

Answer 21

A and C