Common Security Concepts Flashcards
Which of the following is a symmetric encryption algorithm available in
128-bit, 192-bit, and 256-bit key versions?
a. RSA
b. 3DES
c. AES
d. TKIP
Answer: c. Advanced Encryption Standard (AES) permits the configuration of
various strength levels, including 128-, 192-, and 256-bit key versions.
What aspect of modern cybersecurity focuses on ensuring that data has not
been manipulated in transit?
a. Integrity
b. Confidentiality
c. Authentication
d. Availability
Answer: a. Integrity involves ensuring that data has not been manipulated in
transit.
What security approach involves creating multiple accounts for your own
access to the network and to its devices?
a. 802.1X
b. Least privilege
c. Network access control
d. SIEM
Answer: b. The principle of least privilege involves giving a user account the
fewest possible permissions required to do a job.
Which of the following is a device that is meant to attract security attacks?
a. SIEM
b. Next Generation Firewall
c. IPS
d. Honeypot
Answer: d. A honeypot is a network device that tries to attract security attacks,
allowing a network administrator to analyze the attackers and their strategies.
What security protocol is used in 802.1X to securely transport the credentials
used in an exchange?
a. IPsec
b. EAP
c. SSH
d. HTTPS
Answer: b. EAP is a security protocol that carries the credentials of a system
(supplicant) that is trying to access a network.
Which of the following provides excellent search tools to leverage a large database of publicly known information security vulnerabilities and exposures?
a. ACL
b. AWS
c. SHA-256
d. CVE
Answer: d. The Common Vulnerabilities and Exposures (CVE) system is a
free online resource that provides excellent search tools to leverage a large
database of publicly known information security vulnerabilities and exposures.
Which of the following provides real-time analysis of security alerts generated
by applications and network hardware and can log security data and generate
reports for compliance purposes?
a. SIEM system
b. Screened subnet
c. VRF instance
d. Defense in depth
Answer: a. Security information and event management (SIEM) systems provide real-time analysis of security alerts generated by applications and network
hardware. SIEM systems can log security data and generate reports for compliance purposes.
Which of the following is a client/server authentication protocol that supports
mutual authentication between a client and a server and hands out tickets that
are used instead of a username and password combination?
a. TACACS+
b. RADIUS
c. Kerberos
d. LDAP
Answer: c. Kerberos is a client/server authentication protocol that supports
mutual authentication between a client and a server. With Kerberos, a trusted
third party (a key distribution center) hands out tickets that are used instead of
username and password combinations.
You go to the store and put your bank card into an ATM and enter your PIN.
Which of the following factors of multifactor authentication have you exhibited? (Choose two.)
a. Something you are
b. Something you have
c. Something you know
d. Somewhere you are
Answer: b, c. An automated teller machine (ATM) provides a common
example of a multifactor authentication system. It requires both a “something
you have” physical key (your ATM card) and a “something you know” personal
identification number (PIN).
Which of the following would best help you ensure that all areas of control
and compliance don’t end up in the hands of a single individual?
a. Role-based access control
b. Zero Trust
c. Posture assessment
d. Separation of duties
Answer: d. It is important to include separation of duties when planning for
security policy compliance. Without this separation, all areas of control and
compliance could end up in the hands of a single individual.