Exam Compass Net+ Security Concepts Flashcards
T/F: The term “CIA triad” is used to describe the basic principles of information security.
True
Which of the following terms refer to the concept of confidentiality? (Select 3 answers)
Fault tolerance
Encryption
Non-repudiation
Access control methods
Steganography
Redundancy
Patch management
Hashing
Load balancing
Encryption
Access control methods
Steganography
Which of the following terms refer(s) to the concept of integrity? (Select all that apply)
Steganography
Hashing
Digital signatures
Encryption
Digital certificates
Redundancy
Non-repudiation
Access control methods
Fault tolerance
Hashing
Digital signatures
Digital certificates
Non-repudiation
Which of the following terms refer(s) to the concept of availability? (Select all that apply)
Redundancy
Fault tolerance
Non-repudiation
Hashing
Load balancing
Patch management
Digital certificates
Encryption
Access control methods
Redundancy
Fault tolerance
Load balancing
Patch management
Which of the security measures listed below would be effective against the malicious insider threat? (Select 3 answers)
DLP system
Principle of least privilege
Time-of-day restrictions
Strong authentication
Usage auditing and review
DLP system
Principle of least privilege
Usage auditing and review
A concept of effective security posture employing multiple tools and different techniques to slow down an attacker is known as: (Select 2 answers)
Network Access Control (NAC)
Layered security
AAA framework
Principle of least privilege
Defense in depth
Layered security
Defense in depth
A lightly protected subnet (previously known as a DMZ) consisting of publicly available servers placed on the outside of the company’s firewall is called:
Captive portal
Honeynet
Quarantine network
Extranet
Screened subnet
Screened subnet
T/F: Network Access Control (NAC) defines a set of rules enforced in a network that the clients attempting to access the network must comply with. With NAC, policies can be enforced before or after end-stations gain access to the network. NAC can be implemented as pre-admission NAC, where a host must, for example, be virus-free or have patches applied before it can be allowed to connect to the network, and/or post-admission NAC, where a host is granted/denied permissions based on its actions after it has been provided with access to the network.
True
802.1X is an IEEE standard for implementing what?
Port-based NAC
A monitored host holding no valuable data, specifically designed to detect unauthorized access attempts and divert an attacker’s attention from the corporate network, is known as:
honeypot
T/F: The authentication process can be based on various categories of authentication factors and attributes. Authentication factors include unique physical traits of each individual such as fingerprints (“something you are”), physical tokens such as smart cards (“something you have”), or usernames and passwords (“something you know”). The categories of authentication attributes include geolocation (“somewhere you are”), user-specific activity patterns, such as keyboard typing style (“something you can do”), revealing something about an individual, e.g. wearing an ID badge (“something you exhibit”), or proving the relation with a trusted third party (“someone you know”). Multifactor authentication systems require implementation of authentication factors from two or more distinct categories.
True
What are the characteristics of TACACS+? (Select 3 answers)
Encrypts only the password in the access-request packet
Combines authentication and authorization
Encrypts the entire payload of the access-request packet
Primarily used for device administration
Separates authentication and authorization
Primarily used for network access
Encrypts the entire payload of the access-request packet
Primarily used for device administration
Separates authentication and authorization
An authentication subsystem that enables a user to access multiple, connected system components (such as separate hosts on a network) after a single login on only one of the components is known as:
SSO
What are the characteristic features of RADIUS? (Select 3 answers)
Primarily used for network access
Encrypts the entire payload of the access-request packet
Combines authentication and authorization
Encrypts only the password in the access-request packet
Primarily used for device administration
Separates authentication and authorization
Primarily used for network access
Combines authentication and authorization
Encrypts only the password in the access-request packet
Which of the following authentication protocols can be used to enable SSO?
PAP
LDAP
MS-CHAP
Kerberos
RADIUS
Kerberos