Exam Compass Net+ Security Concepts Flashcards

1
Q

T/F: The term “CIA triad” is used to describe the basic principles of information security.

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Which of the following terms refer to the concept of confidentiality? (Select 3 answers)

Fault tolerance
Encryption
Non-repudiation
Access control methods
Steganography
Redundancy
Patch management
Hashing
Load balancing

A

Encryption
Access control methods
Steganography

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Which of the following terms refer(s) to the concept of integrity? (Select all that apply)

Steganography
Hashing
Digital signatures
Encryption
Digital certificates
Redundancy
Non-repudiation
Access control methods
Fault tolerance

A

Hashing
Digital signatures
Digital certificates
Non-repudiation

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Which of the following terms refer(s) to the concept of availability? (Select all that apply)

Redundancy
Fault tolerance
Non-repudiation
Hashing
Load balancing
Patch management
Digital certificates
Encryption
Access control methods

A

Redundancy
Fault tolerance
Load balancing
Patch management

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Which of the security measures listed below would be effective against the malicious insider threat? (Select 3 answers)

DLP system
Principle of least privilege
Time-of-day restrictions
Strong authentication
Usage auditing and review

A

DLP system
Principle of least privilege
Usage auditing and review

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

A concept of effective security posture employing multiple tools and different techniques to slow down an attacker is known as: (Select 2 answers)

Network Access Control (NAC)
Layered security
AAA framework
Principle of least privilege
Defense in depth

A

Layered security
Defense in depth

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

A lightly protected subnet (previously known as a DMZ) consisting of publicly available servers placed on the outside of the company’s firewall is called:

Captive portal
Honeynet
Quarantine network
Extranet
Screened subnet
A

Screened subnet

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

T/F: Network Access Control (NAC) defines a set of rules enforced in a network that the clients attempting to access the network must comply with. With NAC, policies can be enforced before or after end-stations gain access to the network. NAC can be implemented as pre-admission NAC where a host must, for example, be virus free or have patches applied before it can be allowed to connect to the network, and/or post-admission NAC, where a host is being granted/denied permissions based on its actions after it has been provided with the access to the network.

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

802.1X is an IEEE standard for implementing what?

A

Port-based NAC

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

A monitored host holding no valuable data specifically designed to detect unauthorized access attempts and divert attacker’s attention from the corporate network is known as:

A

honeypot

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

T/F: Authentication process can be based on various categories of authentication factors and attributes. Authentication factors include unique physical traits of each individual such as fingerprints (“something you are”), physical tokens such as smart cards (“something you have”), or usernames and passwords (“something you know”). The categories of authentication attributes include geolocation (“somewhere you are”), user-specific activity patterns, such as keyboard typing style (“something you can do”), revealing something about an individual, e.g. wearing an ID badge (“something you exhibit”), or proving the relation with a trusted third party (“someone you know”). Multifactor authentication systems require implementation of authentication factors from two or more distinct categories.

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What are the characteristics of TACACS+? (Select 3 answers)

Encrypts only the password in the access-request packet
Combines authentication and authorization
Encrypts the entire payload of the access-request packet
Primarily used for device administration
Separates authentication and authorization
Primarily used for network access

A

Encrypts the entire payload of the access-request packet
Primarily used for device administration
Separates authentication and authorization

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

An authentication subsystem that enables a user to access multiple, connected system components (such as separate hosts on a network) after a single login on only one of the components is known as:

A

SSO

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What are the characteristic features of RADIUS? (Select 3 answers)

Primarily used for network access
Encrypts the entire payload of the access-request packet
Combines authentication and authorization
Encrypts only the password in the access-request packet
Primarily used for device administration
Separates authentication and authorization
A

Primarily used for network access
Combines authentication and authorization
Encrypts only the password in the access-request packet

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Which of the following authentication protocols can be used to enable SSO?
-PAP
-LDAP
-MS-CHAP
-Kerberos
-Radius

A

Kerberos

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Assigning a unique encrypted key, called a ticket, to each user that logs on to the network is a characteristic feature of what?

A

Kerberos

17
Q

In the Kerberos-based authentication process, the purpose of the client’s timestamp is to provide countermeasure against what?

A

Replay attacks

18
Q

Which protocol ensures the reliability of the Kerberos authentication process?

A

NTP

19
Q

T/F: Extensible Authentication Protocol (EAP) is an authentication framework frequently used in wireless networks and point-to-point connections. EAP provides an authentication framework, not a specific authentication mechanism. There are many authentication mechanisms (referred to as EAP methods) that can be used with EAP. Wireless networks take advantage of several EAP methods, including PEAP, EAP-FAST, EAP-TLS, and EAP-TTLS.

A

True

20
Q

Vulnerability scanning: (Select all that apply)

Identifies lack of security controls
Actively tests security controls
Identifies common misconfigurations 
Exploits vulnerabilities
Passively tests security controls
A

Identifies lack of security controls
Identifies common misconfigurations
Passively tests security controls

21
Q

Penetration testing: (Select all that apply)

Bypasses security controls
Only identifies lack of security controls
Actively tests security controls
Exploits vulnerabilities
Passively tests security controls
A

Bypasses security controls
Actively tests security controls
Exploits vulnerabilities

22
Q

What is the name of a security solution designed to detect anomalies in the log and event data collected from multiple network devices?

A

SIEM