Domain 4.0 Application, Data & Host Security Flashcards

0
Q

Which of the following is not available to most businesses or individuals as a defense against buffer overflow or software exploitation attacks?

A. Patching
B. Input validation coding
C. Monitoring with an IDS
D. Updating anti-malware scanners

A

B. Input validation coding

1
Q

What research tool or technique is used to manipulate input in order to discover abnormal responses in applications?

A. Pharming
B. LDAP injection
C. Fuzzing
D. Sniffing

A

C. Fuzzing

2
Q

What is the name of an attack that exploits the trust a Web site has in a visiting user, enabling an attacker to send arbitrary HTTP requests as if they came from the trusted user?

A. Cross site scripting
B. SQL injection
C. Cross site request forgery
D. Domain kiting

A

C. Cross site request forgery

HTTP - HyperText Transfer Protocol

3
Q

What is the first step in application hardening?

A. Installing additional add-ons
B. Setting configurations
C. Disabling or removing unnecessary components
D. Application of updates or patches

A

C. Disabling or removing unnecessary components

4
Q

Which of the following is not true with regard to patch management?

A. Every line of code should be tested before deployment
B. All software and system changes need to be confirmed by the change approval process
C. Promptly apply mission critical patches as soon as they are released by the vendor
D. Unrestricted implementation of software changes, including patches, can result in reduced security

A

A. Every line of code should be tested before deployment

5
Q

Which of the following is not a direct protection or prevention of XSS?

A. TLS encryption
B. Escaping of meta-characters received as input
C. Validate HTML input
D. Disabling scripting in user browsers

A

D. Disabling scripting in user browsers

HTML - HyperText Markup Language
TLS - Transport Layer Security

6
Q

Which of the following is least effective at blocking the transmission of malware?

A. Anti-virus
B. Pop-up blockers
C. Spam filters
D. Multi-factor authentication

A

D. Multi-factor authentication

7
Q

System hardening involves removing unnecessary components and then locking down what is left. What is usually an important early step in the process of locking down a client?

A. Audit configuration
B. Patch management
C. Authorization settings
D. Compliance testing

A

B. Patch management

8
Q

What security mechanism will provide the best defense against the most common risk of a portable computer in use in a public location?

A. Cable lock
B. Screen lock
C. File encryption
D. Logon tracking

A

A. Cable lock

9
Q

In larger environments, what can be created and then applied to other similar systems to streamline the rapid deployment of many duplicate client systems?

A. Master boot password
B. Device driver rollup
C. Host software baseline
D. Remote wipe service

A

C. Host software baseline

10
Q

Which of the following is the most unlikely security feature to be present and/or configured on a typical smartphone?

A. Screen lock
B. Remote wipe capability
C. GPS tracking
D. Storage encryption for user data

A

D. Storage encryption for user data

11
Q

What security mechanism can provide protection for a host against a compromised network as well as protection for a network from a user performing local risky behaviors?

A. Mutual authentication
B. Host-based firewall
C. Encrypted transaction protocols
D. Whole drive encryption

A

B. Host-based firewall

12
Q

Which of the following is not a benefit of removable media management and security?

A. Library check-out/check-in system
B. Locked cabinet
C. Anti-spam filters
D. File encryption

A

C. Anti-spam filters

13
Q

What are the security requirements for a virtual system?

A. Less than a physical system
B. Greater than a physical system
C. Equivalent to a physical system
D. Unrelated to a physical system

A

C. Equivalent to a physical system

14
Q

What is implied when a virus infects the operating system of a virtual server?

A. Other virtual servers are infected
B. The host is infected
C. The infected system is unharmed
D. The host and other virtual systems are not necessarily infected

A

D. The host and other virtual systems are not necessarily infected

15
Q

What feature is most effective at minimizing the risk of data loss with regard to the loss of a removable storage device?

A. Two-factor authentication
B. Whole drive encryption
C. Access auditing
D. Classification labeling

A

B. Whole drive encryption

16
Q

What activity is most likely to result in data loss?

A. Using FTPS to transfer files over the internet
B. Accessing the management interface of a switch using an SSH session
C. Moving data between systems on a USB drive
D. Encrypting backup media for storage at an offsite location

A

C. Moving data between systems on a USB drive

17
Q

What form of encryption is most likely to use a single encryption key to secure all data?

A. Whole drive encryption
B. File encryption
C. Public key encryption
D. E-mail message encryption

A

A. Whole drive encryption

18
Q

What device commonly found on portable system motherboards can be used to store encryption keys?

A. TLS
B. TPM
C. OCSP
D. CAC

A

B. TPM (Trusted Platform Module)

TLS - Transport Layer Security
OCSP - Online Certificate Status Protocol
CAC - Common Access Card

19
Q

What is the security feature or mechanism that applies to a USB thumb drive to minimize the risk of data confidentiality breach?

A. Antimalware scanner
B. Remote wipe capability
C. Formatting with FAT to prevent large file sizes
D. File encryption

A

D. File encryption

20
Q

What is lost when implementing a cloud computing solution?

A. Remote access to the data
B. Physical control over the data
C. Authorization control over the data
D. Auditing of use of the data

A

B. Physical control over the data

21
Q

What should you implement in order to ensure the privacy of your data, in spite of the loss of physical control over the data, when stored in an online or cloud service?

A. PIE (Pre-Internet Encryption)
B. Compressed archiving
C. Detailed logging
D. Multi-factor authentication

A

A. PIE (Pre-Internet Encryption)