Idk Flashcards

1
Q

A legal contract between the holder of confidential information and another person to whom that information is disclosed, prohibiting that other person from disclosing the confidential information to any other party is known as:

A

NDA

2
Q

A type of document stipulating rules of behavior to be followed by users of computers, networks, and associated resources is referred to as:

A

AUP

3
Q

Which of the acronyms listed below refers to a maximum tolerable period of time required for restoring business functions after a failure or disaster?

A

RTO

Recovery Time Objective

4
Q

In business continuity planning, the maximum tolerable point in time to which systems and data must be recovered after an outage is called:

A

RPO

Recovery Point Objective

5
Q

Which of the following terms is used to describe an average time required to repair a failed component or device?

A

MTTR

Mean Time To Recovery

6
Q

Which term describes the predicted loss of value to an asset based on a single security incident?

A

SLE

Single Loss Expectancy

7
Q

Which of the acronyms listed below refers to a risk assessment formula defining probable financial loss due to a risk over a one-year period?

A

ALE

Annual Loss Expectancy

8
Q

An estimate based on the historical data of how often a threat would be successful in exploiting a vulnerability is known as:

A

ARO

Annualized Rate of Occurrence

9
Q

In quantitative risk assessment, this term is used for estimating the likelihood of occurrence of a future threat.

A

ARO

Annualized Rate of Occurrence

10
Q

In forensic analysis, taking hashes ensures that the collected digital evidence retains:

A

Integrity

11
Q

Disabling certain system functions or shutting down the system when risks are identified is an example of:

A

Risk Avoidance

12
Q

Contracting out a specialized technical component when the company’s employees lack the necessary skills is an example of:

A

Risk Transference

13
Q

Which of the following terms relates closely to the concept of residual risk?

A

Risk Acceptance

14
Q

Assessment of risk probability and its impact based on subjective judgment falls into the category of:

A

Qualitative Risk Assessment

15
Q

A calculation of the Single Loss Expectancy (SLE) is an example of:

A

Quantitative Risk Assessment

16
Q

Which of the following would be of help in preserving the integrity of digital evidence? (Select 2 answers)

A
  • Disk Imaging
  • Hashing

17
Q

Indicating whether a file has been modified since the last backup.

A

Archive Bit

18
Q

Which of the answers listed below refer to examples of deterrent security controls? (Select 3 answers)

A
  • Warning Signs
  • Lighting
  • Login Banner
19
Q

What are the examples of preventive security controls? (Select 3 answers)

A
  • OS Hardening
  • Separation of Duties
  • Security Guards
20
Q

Which of the following answers refer to examples of detective security controls? (Select 3 answers)

A
  • System Logs
  • Security Audits
  • CCTV
21
Q

Which of the answers listed below refer to examples of corrective security controls? (Select 3 answers)

A
  • IPS
  • Alternate Site
  • Backup Data Recovery
22
Q

Which of the following answers refers to a compensating security control?

A

Backup Generator

23
Q

Which of the terms listed below DO NOT fall into the category of technical security controls? (Select 3 answers)

A
  • Barricades/Bollards
  • Cable Locks
  • Secure Cabinets/Enclosures
24
Q

What are the examples of administrative security controls? (Select 3 answers)

A
  • Risk Assessments
  • Escalation Procedures
  • Contingency Planning
25
Which of the following terms DO NOT fall into the category of physical security controls? (Select 3 answers)
* User password * Encryption * AV Software
26
Which of the following methods provides the most effective way for permanent removal of data stored on a magnetic drive?
Degaussing
27
Which of the acronyms listed below refers to any type of information pertaining to an individual that can be used to uniquely identify that person?
PII
28
The US Health Insurance Portability and Accountability Act (HIPAA) provides privacy protection for: (Select best answer)
PHI
29
A type of encryption scheme where the same key is used to encrypt and decrypt data is referred to as: (Select 3 answers)
* Symmetric Encryption * Session-Key Encryption * Secret-Key Encryption
30
Which of the following block cipher modes is the simplest/weakest and therefore not recommended for use?
ECB
31
Which of the block cipher modes listed below provides both data integrity and confidentiality?
GCM
32
In asymmetric encryption, any message encrypted with the use of a public key can only be decrypted by applying the same algorithm and a matching private key. (True or False)
True
33
Pseudo-random data added to a password before hashing is called:
Salt
34
Which of the following answers refers to a type of additional input that increases password complexity and provides better protection against brute-force, dictionary, and rainbow table attacks?
Salt
35
Pseudo-random data used in combination with a secret key in WEP and SSL encryption schemes is known as:
IV
36
Examples of means that provide randomization during the encryption process include: (Select 3 answers)
* Cryptographic nonce * Salting * IV
37
What are the characteristic features of Elliptic Curve Cryptography (ECC)? (Select 3 answers)
* Asymmetric encryption * Low processing power * Suitable for small wireless devices
38
What are the examples of weak/deprecated cryptographic solutions? (Select 3 answers)
* WEP * SSL * DES
39
Digital signatures provide: (Select 3 answers)
* Integrity * Authentication * Non-repudiation
40
Which of the terms listed below is used to describe a situation where a small change introduced to the input data before encryption causes large changes in its encrypted version?
Diffusion
41
Which of the following terms is used in conjunction with the assumption that the output of a cryptographic function should be considerably different from the corresponding plaintext input?
Confusion
42
Unlike stream ciphers which process data by encrypting individual bits, block ciphers divide data into separate fragments and encrypt each fragment separately. (True or False)
True
43
In cryptography, the number of bits in a key used by a cryptographic algorithm is referred to as a key size or key length. The key size determines the maximum number of combinations required to break the encryption algorithm, therefore typically a longer key means stronger cryptographic security. (True or False)
True
44
What are the characteristic features of a session key? (Select 2 answers)
* Used during a single session | * Symmetric key
45
The term "Ephemeral key" refers to an asymmetric encryption key designed to be used only for a single session or transaction. (True or False)
True
46
In cryptography, the term "Secret algorithm" refers to an algorithm designed in a way that prevents the examination of its inner workings. (True or False)
True
47
Which of the three states of digital data requires data to be processed in an unencrypted form?
Data-in-use
48
In cryptography, the term "Key stretching" refers to a mechanism for extending the length of a cryptographic key to make it more secure against brute-force attacks. (True or False)
True
49
Which of the answers listed below refers to a solution designed to strengthen the security of session keys?
Perfect forward secrecy (PFS)
50
Which of the following terms illustrate(s) the security through obscurity concept? (Select all that apply)
* Code obfuscation * Steganography * SSID broadcast suppression * Substitution cipher
51
Which of the answers listed below refer to the Advanced Encryption Standard (AES)? (Select 3 answers)
* Symmetric-key algorithm * 128-, 192-, and 256-bit keys * Block cipher algorithm
52
Which of the algorithms listed below does not belong to the category of symmetric ciphers?
RSA (Public-key encryption)
53
A cryptographic standard for digital signatures is known as:
Digital Signature Algorithm (DSA) (Public-key cryptography)
54
Which of the following answers refers to a commonly used asymmetric algorithm for secure exchange of symmetric keys?
Diffie-Hellman
55
Which of the following are hashing algorithms? (Select all that apply)
* MD5 * RIPEMD * HMAC * SHA
56
What are the examples of key stretching algorithms? (Select 2 answers)
* Bcrypt | * PBKDF2
57
Which of the answers listed below refer to obfuscation methods? (Select 3 answers)
* Steganography * XOR cipher * ROT13
58
A security protocol designed to strengthen WEP implementations is known as:
TKIP
59
What are the characteristic features of WPA/WPA2 Enterprise mode? (Select 2 answers)
* Suitable for large corporate networks | * Requires RADIUS authentication server
60
Which of the following answers refers to a hierarchical system for the creation, management, storage, distribution, and revocation of digital certificates?
Public Key Infrastructure (PKI)
61
A type of trusted third party that issues digital certificates used for creating digital signatures and public-private key pairs is known as:
Certificate Authority (CA)
62
Which of the following solutions allow checking whether a digital certificate has been revoked? (Select 2 answers)
* CRL | * OCSP
63
What is the fastest way for validating a digital certificate?
OCSP
64
Which of the answers listed below refers to a method for requesting a digital certificate?
Certificate Signing Request (CSR)
65
Which of the following allows for checking digital certificate revocation status without contacting Certificate Authority (CA)?
OCSP Stapling (Determines if an SSL certificate is valid)
66
A security mechanism that allows HTTPS websites to resist impersonation by attackers using fraudulent certificates is called:
HTTP Public Key Pinning (HPKP)
67
Which of the answers listed below refer to examples of PKI trust models?
* Single CA model * Hierarchical model (root CA + intermediate CAs) * Mesh model (cross-certifying CAs) * Web of trust model (all CAs act as root CAs) * Client-server mutual authentication model * *** All of the above
68
A trusted third-party storage solution providing backup source for cryptographic keys is referred to as:
Key Escrow
69
Copies of lost private encryption keys can be retrieved from a key escrow by recovery agents. Recovery agent is an individual with access to key database and permission level allowing him/her to extract keys from escrow. (True or False)
True
70
The term "Certificate chaining" refers to a process of verifying the authenticity of a newly received digital certificate. Such process involves checking all of the certificates in the chain of certificates from a trusted root CA, through any intermediate CAs, down to the certificate issued to the end user. A new certificate can only be trusted if each certificate in that certificate's chain is properly issued and valid. (True or False)
True
71
Which digital certificate type allows multiple subdomains to be protected by a single certificate?
Wildcard certificate
72
A digital certificate which allows multiple domains to be protected by a single certificate is known as:
Subject Alternative Name (SAN) certificate
73
Which of the following certificate formats is used to store a binary representation of a digital certificate?
Distinguished Encoding Rules (DER)
74
Which of the answers listed below refers to the most common format in which Certificate Authorities (CA) issue certificates?
Privacy Enhanced Mail (PEM)
75
Which digital certificate formats are commonly used to store private keys? (Select 2 answers)
* PFX | * P12
76
Which of the answers listed below refers to a technology designed to simplify network infrastructure management?
Software-Defined Networking (SDN)
77
Which of the following answers refers to a data storage device equipped with a hardware-level encryption functionality?
Self-Encrypting Drive (SED)
78
A hardware device or a plug-in card used for secure management, processing and storage of cryptographic keys is known as:
Hardware Security Module (HSM)
79
The term "Remote attestation" refers to a TPM's capability to check a computer system's integrity against a remote trusted third-party service. (True or False)
True
80
The concept of a secure supply chain is based on the assumption that all hardware/software should originate from reliable sources. (True or False)
True
81
EMI shielding protects the transferred data signals from: (Select all that apply)
* Outside interference | * Eavesdropping
82
The term "Trusted OS" refers to an operating system:
Equipped with enhanced security features
83
A system providing the capability for remote control, real-time monitoring, and gathering information related to industrial equipment is generally referred to as:
Industrial Control System (ICS)
84
Which of the following answers lists an example of an industrial control system solution?
SCADA
85
Which of the following would be the most effective in securing an ICS infrastructure?
Network isolation
86
A document stored in the memory of this device can pose a risk of an unauthorized data access.
MFD
87
Which of the answers listed below refer to technical security controls that can be applied to a UAV? (Select 2 answers)
* Wireless signal encryption | * Password protection
88
An SDLC model featuring a linear design process consisting of distinct sequential stages is known as:
Waterfall
89
One of the main premises behind the waterfall software development model is the adaptation to changes during the software development process rather than strict adherence to a well-documented sequence of steps. (True or False)
False
90
Which of the following terms refers to a DevOps software deployment approach in which applications and services are redeployed rather than modified whenever a need for introducing a change occurs?
Immutable systems
91
A DevOps practice that replaces manual configuration of hardware with automatic deployment through code is called:
Infrastructure as Code (IaC)
92
Which programming aspects listed below are critical in secure application development process? (Select 2 answers)
* Input validation | * Error and Exception handling
93
Which of the following answers refers to a countermeasure against code injection?
Input validation
94
The process of removing redundant entries from a database is known as:
Normalization
95
What are the countermeasures against SQL injection attacks? (Select 2 answers)
* Stored procedures | * Input validation
96
What is the purpose of code signing? (Select 2 answers)
* Confirms the application's source of origin | * Validates the application's integrity
97
Code obfuscation techniques rely on encryption to protect the source code against unauthorized access. (True or False)
False
98
A type of redundant source code producing an output not used anywhere in the application is commonly referred to as:
Dead Code
99
Which of the acronyms listed below refers to a specialized suite of software tools used for developing applications for a specific platform?
Software Development Kit (SDK)
100
A collection of commonly used programming functions designed to speed up a software development process is known as:
Library
101
What type of third-party code poses increased security risks during the application development process? (Select all that apply)
* SDK | * Library
102
A dynamic code analysis allows for detecting application flaws without the need for actual execution of the application code. (True or False)
False
103
The practice of finding vulnerabilities in an application by feeding it incorrect input is known as:
Fuzzing
104
A type of code that has already been translated from a high-level programming language into a low-level programming language and converted into an executable file is referred to as:
Compiled code
105
A type of code saved in the same format as it was entered and interpreted during program execution is called:
Runtime code
106
In virtualization technology, a software program that manages multiple operating systems (or multiple instances of the same operating system) on a single computer system is called:
Hypervisor
107
This occurs when the number of virtual machines on a network reaches a point where the administrator can no longer manage them effectively.
VM Sprawl
108
Which of the following security measures can be used to prevent VM sprawl? (Select 2 answers)
* Usage audit | * Asset documentation
109
An exploit in which the attacker runs code on a VM that allows an operating system running within it to break out and interact indirectly with the hypervisor.
VM Escape
110
What are the countermeasures against VM escape? (Select 2 answers)
* Sandboxing | * Patch management
111
Which of the following answers refers to a security policy enforcement software tool or service placed between cloud service users and cloud applications?
Cloud Access Security Broker (CASB)
112
A type of text file containing security configuration settings used for security policy automation in Windows-based environments is known as:
Template
113
Method used by IPSec to create a secure tunnel by encrypting the connection between Authenticated peers.
Internet Key Exchange (IKE)
114
Establishment of secure connections and shared security information using certificates or cryptographic keys.
Security Association (SA)
115
Provides integrity, confidentiality, and authenticity of packets by encapsulating and encrypting them.
Encapsulating Security Payload (ESP)
116
What IPSec protocol provides authentication, integrity and confidentiality?
ESP (Encapsulating Security Payload)
117
Host-to-host transport mode only encrypts the payload of an IP packet but not its header.
Transport Mode within IPSec
118
Protocol used in IPSec that provides integrity and authentication.
Authentication Header (AH)
119
Is used for transmission between hosts on a private network.
Transport Mode
120
A network tunnel is created which encrypts the entire IP packet (payload and header).
Tunnel Mode
121
Commonly used for transmission between networks.
Tunnel Mode
122
Provides data striping across multiple disks to increase performance.
RAID 0
123
Provides redundancy by mirroring the data identically on two hard disks.
RAID 1
124
Provides redundancy by striping data and parity data across the disk drives.
RAID 5
125
Provides redundancy by striping and double parity data across the disk drives.
RAID 6
126
Creates a striped RAID of two mirrored RAIDs | combines RAID 1 & RAID 0
RAID 10
127
Two or more servers working together to perform a particular job function.
Cluster
128
A secondary server can take over the function when the primary one fails.
Failover Cluster
129
Servers are clustered in order to share resources such as CPU, RAM, and hard disks.
Load-Balancing Cluster
130
A modification introduced to a computer code that changes its external behavior (e.g. to maintain compatibility between a newer OS and an older version of application software) is called:
Shimming
131
The practice of optimizing existing computer code without changing its external behavior is known as:
Refactoring
132
Which of the terms listed below refer(s) to software/hardware driver manipulation technique(s) that might be used to enable malware injection? (Select all that apply)
* Refactoring | * Shimming
133
Which of the acronyms listed below refers to a cryptographic attack where the attacker has access to both the plaintext and its encrypted version?
Known-Plaintext Attack (KPA)
134
A man-in-the-middle attack that forces modern clients (browsers) and servers (websites) to downgrade the security protocol to SSLv3 from TLSv1.0 or higher.
Poodle (Padding Oracle On Downgraded Legacy Encryption)
135
Which of the following answers lists an example of a cryptographic downgrade attack?
Poodle
136
Which of the following authentication protocols offer(s) countermeasures against replay attacks? (Select all that apply)
* IPSec * Kerberos * CHAP
137
Which of the statements listed below describe the purpose behind collecting OSINT? (Select 3 answers)
* Gaining advantage over competitors * Passive reconnaissance in penetration testing * Preparation before launching a cyberattack
138
Penetration testing: (Select all that apply)
* Bypasses security controls * Actively tests security controls * Exploits vulnerabilities
139
Vulnerability scanning: (Select all that apply)
* Identifies lack of security controls * Identifies common misconfigurations * Passively tests security controls
140
Which of the following factors pose the greatest risk for embedded systems? (Select 2 answers)
* Inadequate vendor support | * Default configurations
141
After feeding an input form field with incorrect data, a hacker gets access to debugger info providing extensive description of the error. This situation is an example of:
Improper error handling
142
An attacker managed to associate his/her MAC address with the IP address of the default gateway. As a result, a targeted host is sending network traffic to the attacker's IP address instead of the IP address of the default gateway.
ARP Poisoning
143
An attacker intercepts user data and tries to use this information later to impersonate the user to obtain unauthorized access to resources on a network.
Replay Attack
144
A wireless disassociation attack is a type of:
DoS attack
145
Which of the statements listed below describe the purpose behind collecting OSINT?
* Gaining advantage over competitors * Passive reconnaissance in penetration testing * Preparation before launching a cyberattack
146
An e-commerce store app running on an unpatched web server is an example of:
Vulnerable business process
147
A situation in which an application fails to properly release memory allocated to it or continually requests more memory than it needs is called:
Memory leak
148
A situation in which an application writes to an area of memory that it is not supposed to access is referred to as:
Buffer overflow
149
Which of the following terms describes an attempt to read a variable that stores a null value?
Pointer de-reference
150
A collection of precompiled functions designed to be used by more than one Microsoft Windows application simultaneously to save system resources is known as:
DLL
151
Which of the terms listed below describes a type of attack that relies on executing a library of code?
DLL injection
152
What is described as one of the aspects of poor asset management process?
System sprawl
153
An effective asset management process provides countermeasures against?
* System sprawl * Undocumented assets * Architecture & Design weaknesses
154
What applies to a request that doesn’t match the criteria defined in an ACL?
Implicit deny rule
155
Jsjsjjsjs
Stateless Firewall
156
Hdjfjj
Stateful Firewall
157
VPNs can be either remote-access (used for connecting a computer to a network) or site-to-site (used for connecting networks).
True
158
What part of the IPSec protocol suite provides authentication and integrity?
AH (Authentication Header)
159
Which of the terms listed below describes a type of VPN that alleviates bottlenecks and conserves bandwidth by allowing users to simultaneously make use of both the VPN and public network links?
Split tunnel
160
The term “Always-on VPN” refers to a type of persistent VPN connection that starts automatically as soon as the computer detects a network link.
True
161
An IDS that detects intrusions by comparing network traffic against the previously established baseline can be classified as:
* Heuristic * Anomaly-based * Behavioral
162
A type of IDS that relies on predetermined attack patterns to detect intrusions is referred to as a signature-based IDS.
True
163
A security administrator configured an IDS to receive traffic from a network switch via port mirroring. Which of the following terms can be used to describe the operation mode of the IDS?
* Passive | * Out-of-band
164
Which of the following answers applies to a situation where an Ethernet switch acts as an authenticator for devices that intend to connect to a network through one of its ports?
IEEE 802.1X
165
Which of the following protocols provide protection against switching loops?
* STP (?) | * RSTP (?)
166
What is the name of a security mechanism that protects a network switch against populating its MAC table with invalid source addresses?
Flood Guard
167
Which of the following statements describe the function of a forward proxy?
* Acts on behalf of a client | * Hides the identity of a client
168
Which of the statements listed below describe the function of a reverse proxy?
* Acts on behalf of a server | * Hides the identity of a server
169
What are the characteristic features of a transparent proxy?
* Doesn’t require client-side configuration * Redirects client requests and responses without modifying them * Clients might be unaware of the proxy service
170
A non-transparent proxy:
* Modifies client requests and responses | * Requires client-side configuration
171
Which of the terms listed below refers to a method that ignores the load balancing algorithm by consistently passing requests from a given client to the same server?
Session Affinity
172
In a round-robin method, each consecutive request is handled by:
Next server in the cluster
173
In active-passive mode, load balancers distribute network traffic across:
Servers marked as active
174
In active-active mode, load balancers distribute network traffic across:
All servers
175
What type of IP address would be assigned to a software-based load balancer to handle an internet site hosted on several web servers, each with its own private IP address?
Virtual IP address
176
An infrastructure device designed for connecting wireless/wired client devices to a network is commonly referred to as:
Access Point (AP)
177
Which of the tools listed below would be of help in troubleshooting signal loss and low wireless network signal coverage?
WAP power level controls
178
Which of the following answers refers to a common antenna type used as a standard equipment on most access points (AP) for indoor Wireless Local Area Network (WLAN) deployment?
Dipole antenna
179
Which of the antenna types listed below provide a 360-degree horizontal signal coverage?
* Dipole antenna | * Omnidirectional antenna
180
Which of the following answers refer to highly directional antenna types used for long-range point-to-point bridging links?
* Dish antenna | * Unidirectional antenna
181
A type of architecture in which most of the network configuration settings of an Access Point (AP) are set and managed with the use of a central switch or controller is called:
Thin AP
182
The standard for web application security.
OWASP (Open Web Application Security Process)
183
When multiple threads in an application are using the same variable.
Race Conditions
184
A malfunction in preprogrammed sequential access to a shared resource is described as:
Race Condition
185
The international standard used for maintaining security systems.
ISO 27002
186
Used for cloud security.
ISO 27017
187
A physical device that is used for authentication and can store digital certificates.
Tokens
188
An attacker embeds malicious scripting commands on a trusted website.
XSS (Cross Site Scripting)
189
An attacker forces a user to execute actions on a web server for which they are already authenticated.
XSRF/CSRF (Cross Site Request Forgery)
190
An unauthorized user will be granted access.
FAR (False Acceptance Rate)
191
An authorized user will be rejected access.
FRR (False Rejection Rate)
192
Fastest to backup but slowest to restore.
Incremental
193
Slowest to backup but fastest to restore.
Differential
194
A client (generally either a user or a service) sends a request for a ticket to the Key Distribution Center (KDC). The KDC creates a ticket-granting ticket (TGT) for the client, encrypts it using the client's password as the key, and sends the encrypted TGT back to the client.
Kerberos
195
Which of the following terms is used to describe a text message containing system information details displayed after connecting to a service on a server?
Banner
196
The practice of connecting to an open port on a remote host to gather more information about its configuration is known as:
Banner Grabbing
197
What is the name of a command-line utility that allows for displaying protocol statistics and current TCP/IP network connections?
Netstat
198
Netstat is a command-line utility which can be used for:
Displaying active TCP/IP connections
199
Which netstat parameter displays all connections and listening ports?
-a
200
Which netstat parameter displays addresses and port numbers in numerical form?
-n
201
A network command-line utility in MS Windows that tracks and displays the route taken by an IP packet on its way to another host is called:
Tracert
202
A Linux command-line utility for displaying intermediary points (routers) an IP packet is passed through on its way to another network node is known as:
Traceroute
203
Which of the following CLI tools is used to troubleshoot DNS-related problems?
Nslookup
204
ARP is used to perform what kind of resolution?
IP to MAC
205
Which command in MS Windows displays a table consisting of IP addresses and their resolved physical addresses?
arp -a
206
Which of the answers listed below refers to a command-line packet capturing utility?
Tcpdump
207
Which of the following command-line tools is used for discovering hosts and services on a network?
Nmap
208
Which of the command-line utilities listed below can be used to perform a port scan? (Select 2 answers)
* Nmap | * Netcat
209
A command-line tool that can be used for banner grabbing is called:
Netcat
210
The term "Segmentation fault" refers to: (Select 2 answers)
* Access violation | * Memory management
211
Which of the tools listed below can be used for troubleshooting problems related to digital certificates? (Select 2 answers)
* OCSP | * CRL
212
A software or hardware-based security solution designed to detect and prevent unauthorized use and transmission of confidential information outside of the corporate network (data exfiltration) is known as:
DLP
213
An OS security feature designed to ensure safe memory usage by applications is known as:
DEP
214
Which of the acronyms listed below refers to a firewall controlling access to a web server?
WAF
215
A wireless connectivity technology primarily used in low-powered sports and fitness mobile devices is known as:
ANT
216
A framework of protocols that allows for numerous methods of authentication including passwords, digital certificates, and public key infrastructure.
EAP | Extensible Authentication Protocol
217
Which of the following EAP methods offers the highest level of security?
EAP-TLS
218
Uses simple passwords for its challenge-authentication.
EAP-MD5
219
Which of the EAP methods listed below relies on client-side and server-side certificates to perform authentication?
EAP-TLS
220
Digital certificates for mutual authentication.
EAP-TLS
221
Uses a server-side digital certificate and a client-side password for mutual authentication.
EAP-TTLS
222
Provides flexible authentication via secure tunneling (FAST) by using a protected access credential instead of a certificate for mutual authentication.
EAP-FAST
223
Supports mutual authentication by using server certificates and Microsoft’s Active Directory to authenticate a client’s password.
PEAP | (Protected EAP)
224
Is proprietary to Cisco-based networks.
LEAP
225
In a persistent VDI: | Select 2 answers
* Each user runs their own copy of a virtual desktop. | * At the end of a session, user data and personal settings are saved.
226
Characteristics of a non-persistent VDI: | Select 2 answers
* At the end of a session, user desktop reverts to its original state. | * Virtual desktop is shared among multiple users.
227
What are the characteristics of TACACS+? | Select 3 answers
* Encrypts the entire payload of the access-request packet. | * Primarily used for device administration. | * Separates authentication and authorization.
228
What are the characteristics of RADIUS? | Select 3 answers
* Primarily used for network access. | * Combines authentication and authorization. | * Encrypts only the password in the access-request packet.
229
Which of the answers listed below refers to an XML-based markup language for exchanging authentication and authorization data?
SAML
230
OpenID Connect is a protocol used for:
Authentication
231
Which of the following answers refers to an open-standard reference architecture for authentication?
OATH
232
OAuth is an open standard for:
Authorization
233
Which of the answers listed below refers to a SAML-based SSO system?
Shibboleth
234
Which of the following answers refers to a commonly used solution for tracking user access in a federated SSO system?
Secure token
235
A proprietary suite of security protocols providing authentication, integrity, and confidentiality to users in MS Windows network is called:
NTLM
236
Which of the answers listed below refers to a preferred authentication protocol recommended by MS Windows network?
Kerberos
237
Which access control model defines access control rules with the use of statements that closely resemble natural language?
ABAC
238
Group-based access control in MS Windows is an example of:
RBAC
239
Which of the following answers refers to the correct formula for calculating probable financial loss due to a risk over a one-year period?
ALE = ARO x SLE
240
One service generates $10,000 per hour in revenue. The probability of this service failing during this year is estimated to be 10%, and the failure would lead to 3 hours of downtime. What is the ALE?
SLE x ARO = ALE | AV = $10,000 | EF = 3 | 10,000 x 3 = 30,000 | SLE = $30,000 | ARO = 10% | 30,000 x .10 = 3,000 | ALE = $3,000
241
You have an asset valued at $16,000. The exposure factor of a risk affecting that asset is 35%. The annualized rate of occurrence is 75%. What is the SLE?
AV x EF = SLE | AV = $16,000 | EF = 35% | 16,000 x .35 = 5,600 | SLE = $5,600
242
Anything less than 10 has a (.0) in front of the core number. Anything in the 10’s has a (.) in front of the core number. Anything in the 100’s has a core number followed by (x.xx). * Move decimal point 2 times from RIGHT-to-LEFT
```
1 = .01
2 = .02
: And so on!
```
```
10 = .1
57 = .57
: And so on!
```
```
100 = 1
101 = 1.01
267 = 2.67
: And so on!
```
243
The loss that will happen in the asset as a result of the threat. (Expressed as a percentage value)
EF (Exposure Factor)
244
The method of assessing the worth of the organization’s information system assets based on its CIA security.
AV (Asset Value)