from the test Flashcards
<p>\_\_ is an example of asymmetric cryptography</p>
<p>RSA </p>
<p>which e-mail security method is defined in RFC 2632 and RFC 2634? </p>
<p>Secure Multipurpose Internet Mail Extensions (S/MIME)</p>
<p>\_\_\_ provides non-repudiation, authentication, and integrity for e-mail messages. </p>
<p>S/MIME 3 </p>
<p>\_\_ \_\_ is a spyware technique that inserts a dynamic link library into a running process's memory. </p>
<p>DLL Injection </p>
<p>\_\_ \_\_ occurs when the length of the input data is longer than the length processor buffers can handle. </p>
<p>Buffer Overflow</p>
<p>The major security vulnerability of using FTP is --- </p>
<p>User ID and password are sent in clear text</p>
<p>This layer of the OSI model segments and reassembles data into a data stream and provides reliable and unreliable end-to-end data transmission.</p>
<p>(Layer 4) Transport</p>
<p>This layer starts, maintains, and stops sessions between applications on different network devices. </p>
<p>(Layer 5) Session Layer</p>
<p>This layer provides the functions to establish and maintain the physical link between network devices</p>
<p>(Layer 1) Physical </p>
<p>\_\_\_ provides centralized remote user authentication, authorization and accounting. </p>
<p>RADIUS</p>
<p>This mode ensures that wireless clients can only communicate with the wireless access point and not with other wireless clients.</p>
<p>Isolation Mode</p>
<p>\_\_\_ is an intrusion detection system (IDS)</p>
<p>Snort</p>
<p>\_\_\_ \_\_\_ is the practice of dispensing IP addresses and host names with the goal of traffic diversion.</p>
<p>DNS poisoning </p>
<p>\_\_\_ \_\_\_ \_\_\_ allows an attacker to reroute data traffic from a network device to a personal computer</p>
<p>Network Address Hijacking </p>
<p>\_\_ is a technique used by intruders to circumvent a lock</p>
<p>Raking</p>
<p>\_\_\_ is a collection of programs that grants a hacker administrative access to a computer or network</p>
<p>Rootkit</p>
<p>\_\_\_ risk analysis does not assign monetary values</p>
<p>Qualitative</p>
<p>\_\_ risk analysis attempts to predict the likelihood that a threat would occur and assigns a monetary value in the event a loss occurs.</p>
<p>Quantitative </p>
<p>\_\_ is the risk management strategy of discouraging certain actions from being taken in order to protect against risk.</p>
<p>Deterrence </p>
<p>\_\_ is the risk management strategy of deciding to no longer perform the actions associated with a particular risk.</p>
<p>Avoidance </p>
<p>\_\_ is the risk management strategy of taking steps to reduce risk.</p>
<p>Mitigation</p>
<p>\_\_\_ \_\_\_ allows you to configure how many new passwords must be created before an old one can be reused. </p>
<p>gdfg</p>
<p>A \_\_ test tests specific systems to ensure their operation at alternate facilities </p>
<p>Parallel Test </p>
<p>The chain of custody guarantees \_\_\_ </p>
<p>the identity and integrity of the evidence from the collection stage to its presentation in a court of law.</p>
<p>The revocation request grace period refers to \_\_ </p>
<p>The maximum time taken by the certification authority server to perform a revocation. </p>
<p>You should use a \_\_ to determine if the performance of the server has degraded.</p>
<p>System Monitor</p>
<p>A \_\_ scanner will provide information on the ports and services that are available on your network.</p>
<p>Port</p>
<p>A \_\_ test checks your network for known vulnerabilities and provides methods for protection against the vulnerabilities</p>
<p>Vulnerability </p>
<p>During which phase of SSL communication do a web client and a web server establish a TCP/IP connection?</p>
<p>Handshake</p>
<p>Secure Hashing Algorithm (SHA) produces \_\_ bit checksums</p>
<p>160</p>
<p>\_\_ establishes a web of trust between the users.</p>
<p>Pretty Good Privacy (PGP) </p>
<p>PGP is a public key encryption standard that is used to \_\_</p>
<p>protect e-mail and files that are transmitted over the network.</p>
<p>PGP encrypts data using \_\_ encryption</p>
<p>symmetric</p>
<p>Secure Code Review examines \_\_\_\_</p>
<p>all written code for any security holes that may exist</p>
<p>This type of tool tests your networks security to see if it can be penetrated.</p>
<p>Penetration tester</p>
<p>An Executive succession plan ensures \_\_ </p>
<p>that a vital corporate position is filled in the event it is vacated during a disaster.</p>
<p>RSA is an example of \_\_ cryptography with \_\_\_</p>
<p>asymmetric cryptography with authentication</p>
<p>Asymmetric algorithms include</p>
<p>Diffie-Hellman, RSA, ElGamal, CAST</p>
<p>Symmetric algorithms include</p>
<p>Data Encryption Standard
Triple DES (3DES)
Advanced Encryption Standard </p>
<p>A _ virus can infect both executable files and boot sectors of hard disk drives.</p>
<p>Multipart </p>
<p>This command-line utility is used to troubleshoot a domain name server.</p>
<p>Nslookup</p>
<p>This utility traces the route a packet takes and records the hops along the way. </p>
<p>Tracert/traceroute </p>
<p>\_\_\_ is an application layer protocol whose purpose is to collect statistics from TCP/IP devices.</p>
<p>Simple Network Management Protocol (SNMP)</p>
<p>What ports does snmp use?</p>
<p>Ports 161 and 162</p>
<p>\_\_\_\_\_ allows a user to dial in to the network via a modem or modem pool while providing the user with secure access during the time he is connected.</p>
<p>Remote access server (RAS) </p>
<p>What infrastructure provides the system for the secure exchange of data over a network through the use of an asymmetric key system? </p>
<p>Public Key Infrastructure (PKI)</p>
<p>Another term for technical controls is \_\_ controls</p>
<p>Logical</p>
<p>A backup control is an example of an \_\_\_ control </p>
<p>Operational Control</p>
<p>Software testing is an example of an \_\_\_ control</p>
<p>Operational Control</p>
<p>To implement hardware-based encryption on a Windows Server 2008 system, you need a \_\_</p>
<p>Trusted Platform Module (TPM) chip. </p>
<p>Symmetric keys do not ensure \_\_ and \_\_\_ for key management because the same key is used for encryption and decryption</p>
<p>Security and Scalability </p>
<p>The best protection against cross-site scripting (XSS) is to \_\_</p>
<p>Disable the running of the scripts</p>
<p>A \_\_ contains a list of serial numbers for digital certificates that have not expired, but that a CA has specified to be invalid.</p>
<p>Certificate Revocation List (CRL) </p>
<p>\_\_ is a hashing algorithm that creates a message digest, which can be used to determine whether a file has been changed since the message digest was created.</p>
<p>Secure Hashing Algorithm (SHA)-1</p>
<p>This network device acts as an internet gateway, firewall and internet caching server for a private network.</p>
<p>Proxy Server</p>
<p>\_\_ is traffic redirection to a site that looks identical to the intended site</p>
<p>Pharming </p>
<p>\_\_ is an asymmetric public key encryption algorithm based on the Diffie-Hellman key agreement. </p>
<p>ElGamal</p>
<p>\_\_ is a Microsoft Windows feature that supports file encryption on NTFS hard disk volumes.</p>
<p>Encrypting File System (EFS) </p>
<p>Sending data across an insecure network, such as the internet, affects \_\_ and \_\_</p>
<p>Confidentiality And Integrity </p>
<p>\_\_\_ is a block cipher encryption standard that uses a single 56-bit key to encrypt 64-bit blocks of data.</p>
<p>Data Encryption Standard </p>
<p>\_\_ IDS watches for intrusions that match a known identity.</p>
<p>Signature IDS </p>
<p>A \_\_ IDS detects activities that are unusual. </p>
<p>Anomaly-based</p>
<p>Make sure to look up PBX attacks</p>
<p>PBX</p>
<p>\_\_ was created to deal with Voice over IP and wireless services. </p>
<p>Diameter</p>
<p>\_\_ is used to digitally sign packets that are transmitted on Internet Protocol Security (IPsec) connections.</p>
<p>Keyed Hashing for Message Authentication Code (KHMAC)</p>
<p>\_\_ files contain information about viruses, such as examples of virus code and the types that a particular virus infects</p>
<p>Signature File</p>
<p>What is the purpose of Infrastructure as a Service in cloud computing?</p>
<p>It provides computer and server infrastructure, typically through a virtualization environment. </p>
<p>What is the main difference between virtualization and cloud computing?</p>
<p>The location and ownership of the physical components. </p>
<p>Which document lists the steps to take in case of a disaster to your main IT site?</p>
<p>Disaster Recovery Plan (DRP) </p>
<p>Which private-key encryption algorithm does PGP use to encrypt data?</p>
<p>International Data Encryption Algorithm (IDEA) </p>
<p>Which document is used when it is necessary to invoke legal action against an employee for inappropriate use of computer resources?</p>
<p>Acceptable use policy</p>
<p>Which error arises because data is not checked before input to ensure that it has an appropriate length?</p>
<p>Buffer overflow errors</p>
<p>Which business continuity planning factor includes vulnerability analysis?</p>
<p>Business Impact Assessment </p>
<p>What is the name of the process for removing only the incriminating data from the audit logs?</p>
<p>Scrubbing</p>
<p>Which port does NNTP use?</p>
<p>119</p>
<p>Which audit category monitors changes to user accounts and groups?</p>
<p>The Audit Account Management category</p>
<p>What are the four types of water sprinklers?</p>
<p>Wet pipe, dry pipe, preaction and deluge.</p>
<p>\_\_-based monitoring looks for behavior that is not allowed and acts accordingly.</p>
<p>Behavior </p>
<p>A \_\_ filtering firewall only looks at a data packet to obtain the source and destination addresses and the protocol and port used.</p>
<p>Packet Filtering Firewall</p>
<p>LDAP entries are contained in a \_\_ which is a hierarchical structure that can be searched for directory information.</p>
<p>Directory Information Tree</p>
<p>\_\_ is a private key encryption standard that was developed by the US government for the Clipper Chip.</p>
<p>Skipjack</p>
<p>Skipjack uses an _-bit key. </p>
<p>80</p>
<p>A \_\_\_ firewall is also referred to as an appliance firewall. </p>
<p>Hardware</p>
<p>\_\_ provides a transparent firewall solution between an internal network and outside networks.</p>
<p>NAT</p>
<p>Separation of duties is employed when user accounts are \_\_</p>
<p>created by one employee and user permissions are configured by another employee.</p>
<p>The primary loop protection on an Ethernet network is \_\_</p>
<p>Spanning Tree Protocol (STP) </p>
<p>What is a disadvantage of a hardware firewall compared to a software firewall?</p>
<p>A hardware firewall has a fixed number of available interfaces.</p>
<p>What is an embedded firewall?</p>
<p>A firewall that is integrated into a router.</p>
<p>A software firewall is installed on a \_\_\_</p>
<p>server operating system.</p>
<p>A _ is an encryption method designed to be used only once.</p>
<p>One-time pad (OTP)</p>
<p>\_\_\_ is an 802.11b communications mode that enables wireless devices to communicate directly. </p>
<p>Ad hoc</p>
<p>Classification of information is typically part of an \_\_ </p>
<p>information policy</p>
<p>Secure Hashing Algorithm (SHA) produces \_\_ bit checksums.</p>
<p>160 bit</p>
<p>Which size checksum does MD5 produce? </p>
<p>128 bit</p>
__ ensures that the computers on the network meet an organization's security policies.
Network Access Control
__ __ is a smart card attack that allows a hacker to uncover the encryption key using reverse engineering.
Fault generation
You should use __ to encrypt a single document from your web server.
S-HTTP
Which Kerberos 5 entity authenticates users?
The Authentication Service
___ is the process in which the management accepts system functionality and assurance.
Accreditation
What is authentication?
verifying the identity of users
You should use a __ analyzer to determine if passwords are being transmitted in plain text
protocol analyzer
What does the message authentication code (MAC) ensure?
MAC ensures the integrity of messages.
___ identifies sensitive data and ensures that unauthorized entities cannot access it.
Confidentiality
___ ensures that data and resources are available to authorized entities in a timely manner
Availability
__ is the process of identifying a subject requesting system access.
Authentication
__ ensures that data and resources are edited only in an approved manner by authorized entities.
Integrity
Which security service does encryption provide?
Confidentiality
__ is an error-control technique that ensures that files have not been changed.
packet checksum
__ refers to the quantitative amount of loss incurred by a single event.
Single Loss Expectancy
A network protocol analyzer is also known as a
Packet Sniffer
A __ right occurs when user inherits a permission based on group membership.
Implicit
An __ right occurs when a user is directly given a permission.
Explicit
A __ plan is primarily concerned with recovering major systems and applications after a disruption.
Contingency
In low encryption mode, which level of encryption does WEP provide?
64-bit
__ allows organizations to deploy web servers, databases, and development tools in a cloud.
Platform as a service
__ allows organizations to run applications in a cloud.
Software as a service
__ allows organizations to deploy virtual machines, servers, and storage in a cloud.
Infrastructure
__ is a protocol that secures messages between the Application and Transport layer
SSL
__ is a protocol used to test and report on path info between network devices
ICMP
__ is a protocol that allows files to be copied over a secure connection.
SCP
Look up EAP methods
dfg
Log analysis is an example of a
network analysis
A __ copy of a hard disk refers to making a copy at the sector level to cover every part of the area that can store user data.
Bit-level
__ is synonymous with protocol analyzing.
Packet Sniffing
Layer 2 Tunneling Protocol operates at the ___ layer of the OSI model.
Data Link layer 2
A fail-over system is a computer that ___.
is connected to a primary computer and takes over if the primary computer fails.
__ is an authentication framework used in wireless networks and point-to-point connections.
Extensible Authentication Protocol (EAP)
Which setting ensures that accounts are not used beyond a certain date and/or time?
account expiration
Which port does SSH use?
22
What is derived by multiplying single loss expectancy (SLE) by the annualized rate of occurrence (ARO) of an event?
Annualized loss expectancy (ALE)
What is the primary concern of RAID?
Availability
Which type of attack does Challenge Handshake Authentication Protocol protect against?
Replay attack
Which protocol is the combo of PPTP and Cisco’s Layer 2 forwarding (L2F) technology?
Layer 2 Tunneling Protocol (L2TP)
What does SLA stand for?
Service Level Agreement
What does the SLA define?
Defines the level of service to be provided
What is a BPO?
Blanket Purchase Order
What does the BPO do?
It is an agreement between a government agency and a private company for ongoing purchases of goods or services.
What is a MOU?
Memorandum of Understanding
What does a MOU do?
It is a brief summary of which party is responsible for what portion of the work.
What is an ISA?
The Interconnection Security Agreement.
What does an ISA do?
This is an agreement between two organizations that have connected systems.
TCP/IP protocol suite operates at which layer of the OSI model?
Layer 4 Transmission
LDAP uses which port?
389
LDAP with SSL uses which port?
636
Which port does L2TP use?
1701
The audit __ __ category will audit all instances of users exercising their rights.
Audit privilege use
The __ __ audit category monitors changes to user accounts and groups.
Account Management