P/E 1 Flashcards

Question 1

Q

What is the value of the logical operation shown here?

X: 0 1 1 0 1 0
Y: 0 0 1 1 0 1
___________________________
~Y: ?

A. 0 1 1 1 1 1
B. 1 1 0 0 1 0
C. 0 0 1 0 0 0
D. 0 0 1 1 0 1

Answer

A

Answer: B

The ~ symbol represents the NOT function, which inverts the bits of the affected variable. In this case, the X value is not used.

Question 2

Q

In object-oriented programming, what term describes a collection of the common methods from a set of objects that defines the behavior of those objects?

A. Class
B. Instance
C. Message
D. Polymorphism

Answer

A

Answer: A

A class is a collection of the common methods from a set of objects that defines the behavior of those objects.

Question 3

Q

Which of the following is not an illegal activity that can be performed over a computer network?

A. Theft
B. Destruction of assets
C. Waste of resources
D. Espionage

Answer

A

Answer: C

Although wasting resources is considered inappropriate activity, it is not actually a crime in most cases.

Question 4

Q

Which of the following is not a protocol used by the standard Internet-based email system?

A. SMTP
B. POP3
C. PEM
D. IMAP

Answer

A

Answer: C

Privacy Enhanced Mail (PEM) is not a standard Internet email protocol; it is an add-on encryption mechanism that provides authentication, integrity, confidentiality, and nonrepudiation.

Question 5

Q

Which IPSec mode provides for encryption of complete packets, including header information?

A. Transport
B. Encapsulating Security Paylod
C. Authentication Header
D. Tunnel

Answer

A

Answer: D

When IPSec is used in tunnel mode, entire packets, rather than just the payload, are encrypted. This mode is designed for use in gateway-to-gateway communications.

Question 6

Q

You are implementing AES encryption for files that your organization plans to store in a cloud storage service and wish to have the strongest encryption possible. What key length should you choose?

A. 192 bits
B. 256 bits
C. 512 bits
D. 1024 bits

Answer

A

Answer: B

The strongest keys supported by the Advanced Encryption Standard are 256 bits. The valid AES key lengths are 128, 192, and 256 bits.

Question 7

Q

Recently, a piece of malicious code was distributed over the Internet in the form of software claiming to allow users to play Xbox games on their PCs. The software actually launched the malicious code on the machines of users who attempted to execute it. What type of malicious code does this describe?

A. Logic bomb
B. Virus
C. Trojan horse
D. Worm

Answer

A

Answer: C

Trojan horses masquerade as useful programs (such as a game) but really contain malicious code that runs in the background.

Question 8

Q

An abundance of unsolicited messages arriving to the extent it prevents legitimate activity is known as what?

A. Sniffing
B. Denial of service
C. Brute-force attack
D. Buffer-overflow attack

Answer

A

Answer: B

Denial of service is the abundance of unsolicited messages arriving to the extent it prevents legitimate activity.

Question 9

Q

The term personal area network is most closely associated with what wireless technology?

A. 802.15
B. 802.11
C. 802.16
D. 802.3

Answer

A

Answer: A

802.15 (aka Bluetooth) creates personal area networks (PANs).

Question 10

Q

Which network topology offers multiple routes to each node to protect from multiple segment failures?

A. Ring
B. Star
C. Bus
D. Mesh

Answer

A

Answer: D

Mesh topologies provide redundant connections to systems, allowing multiple segment failures without seriously affecting connectivity.

Question 11

Q

When attempting to impose accountability on users, what key issue must be addressed?

A. Reliable log storage system
B. Proper warning banner notification
C. Legal defense/support of authentication
D. Use of discretionary access control

Answer

A

Answer: C

To effectively hold users accountable, your security must be legally defensible. Primarily, you must be able to prove in a court that your authentication process cannot be easily compromised. Thus, your audit trails of actions can then be tied to a human.

Question 12

Q

What is a device that attempts to route first but will bridge if routing fails?

A Switch
B. Repeater
C. Bridge
D. Brouter

Answer

A

Answer: D

A brouter is a device that attempts to route first, but if that fails, it defaults to bridging.

Question 13

Q

Which of the following statements is true?

A. An open system does not allow anyone to view its programming code.
B. A closed system does not define whether or not its programming code can be viewed.
C. An open source program can only be distributed for free.
D. A closed source program cannot be reverse engineered or decompiled.

Answer

A

Answer: B

A closed system is designed to work well with a narrow range of other systems, generally all from the same manufacturer. The standards for closed systems are often proprietary and not normally disclosed. However, a closed system (as a concept) does not define whether or not its programming code can be viewed. An open system (as a concept) also does not define whether or not its programming code can be viewed. An open source program can be distributed for free or for a fee. A closed source program can be reverse engineered or decompiled.

Question 14

Q

___________________ is any hardware, software, or administrative policy or procedure that defines and enforces access and restriction rights on an organizational level.

A. Logical control
B. Technical control
C. Access control
D. Administrative control

Answer

A

Answer: C

Access control is any hardware, software, or organizational administrative policy or procedure that grants or restricts access, monitors and records attempts to access, identifies users attempting to access, and determines whether access is authorized.

Question 15

Q

Which of the following is not a reason for data classification?

A. To secure everything at a high security level because securing everything at a low security level means sensitive data is easily accessible
B. To determine how much effort, money, and resources are allocated to protect the data and control access to it
C. To secure everything at a low security level because securing everything at a high security level is too expensive and restricts access to unclassified, noncritical data
D. To provide for nonrepudiation

Answer

A

Answer: D

Providing for nonrepudiation is not a reason for data classification.

Question 16

Q

Which of the following models allows the owner of an object to grant privileges to other users?

A. Mandatory access control model
B. Discretionary access control model
C. Role-based access control model
D. Rule-based access control model

Answer

A

Answer: B

A discretionary access control model allows the owner (or data custodian) of a resource to grant permissions at the discretion of the owner. The other answers are non-discretionary models.

Question 17

Q

What database security feature uses a locking mechanism to prevent simultaneous edits of cells?

A. Semantic integrity mechanism
B. Concurrency
C. Polyinstantiation
D. Database partitioning

Answer

A

Answer: B

Concurrency uses a “lock” feature to allow an authorized user to make changes and then “unlock” the data elements only after the changes are complete. This is done so another user is unable able to access the database to view and/or make changes to the same elements at the same time.

Question 18

Q

What cryptographic goal does the challenge-response protocol support?

A. Confidentiality
B. Integrity
C. Authentication
D. Nonrepudiation

Answer

A

Answer: C

The challenge-response protocol is an authentication protocol that uses cryptographic techniques to allow parties to assure each other of their identity.

Question 19

Q

Which of the following is an effective means of preventing and detecting the installation of unapproved software?

A. Workstation change
B. Separation of duties
C. Discretionary access control
D. Job responsibility restrictions

Answer

A

Answer: A

Workstation change is an effective means of preventing and detecting the presence of unapproved software.

Question 20

Q

What are the well-known ports?

A. 0 to 1,023
B. 80, 135, 110, 25
C. 0 to 65, 536
D. 32,000 to 65,536

Answer

A

Answer: A

Ports 0 to 1,023 are the well-known ports.

Question 21

Q

John is configuring a router that will stand between the network 10.8.6.0/24 and the Internet. He would like to configure egress filtering rules to minimize the potential of crackers originating a DDoS attack from his network. What type of traffic should be filtered out to help achieve this goal?

A. Inbound traffic with a private IP address
B. Outbound traffic with a private IP address
C. Inbound traffic with an address in the range 10.8.6.0/24
D. Outbound traffic with an address outside the range 10.8.6.0/24

Answer

A

Answer: D

Although it is true that John would probably want to filter out all of these types of traffic for various reasons, he would be specifically interested in filtering out outbound traffic with an address not belonging to his network to achieve his stated goal.

Question 22

Q

Which of the following requires keeping archives of audit logs for a specific time?

A. Data remanence
B. Record retention
C. Data diddling
D. Data mining

Answer

A

Answer: B

Record retention policies define the amount of time to keep any data, including logs. Data remanence is data remnants on media. Data diddling refers to the modification of data before or during data entry resulting in incorrect or corrupt data. Data mining refers to extracting meaningful knowledge from large amounts of data.

Question 23

Q

What network devices operate within the Physical layer?

A. Bridges and switches
B. Firewalls
C. Hubs and repeaters
D. Routers

Answer

A

Answer: C

Network hardware devices that function at layer 1, the Physical layer, are hubs and repeaters.

Question 24

Q

Which type of access control system relies on using classification labels that are representative of security domains and realms?

A. Nondiscretionary access control
B. Mandatory access control
C. Discretionary access control
D. Logical access control

Answer

A

Answer: B

Mandatory access control enforces an access policy that is determined by the system, not the object owner.

Question 25

Q

Which of the following is the type of antivirus response function that removes the malicious code but leaves damage unrepaired?

A. Cleaning
B. Removal
C. Stealth
D. Polymorphism

Answer

A

Answer: B

Removal removes the malicious code but does not repair the damage caused by it. Cleaning not only removes the code, but it also repairs any damage the code has caused.

Question 26

Q

_______________ is a centralized database or index of assets, personnel, resources, or services on the network.

A. TACACS+
B. Kerberos
C. RADIUS server
D. A directory service

Answer

A

Answer: D

A directory service is a centralized database of resources, such as a phone directory, made available to the network.

Question 27

Q

Which of the following algorithms/protocols provides inherent support for nonrepudiation?

A. HMAC
B. DSA
C. MD5
D. SHA-1

Answer

A

Answer: B

The Digital Signature Algorithm (as specified in FIPS 186-2) is the only one of the algorithms listed here that supports true digital signatures, providing integrity verification and nonrepudiation. HMAC allows for the authentication of message digests but supports only integrity verification. MD5 and SHA-1 are message digest creation algorithms and can be used in the generation of digital signatures but provide no guarantees of integrity or nonrepudiation in and of themselves.

Question 28

Q

What regulation applies to the security of credit and debit card information held by merchants and service providers?

A. HIPAA
B. CALEA
C. GLBA
D. PCI DSS

Answer

A

Answer: D

The Payment Card Industry Data Security Standard (PCI DSS) places contractual obligations on merchants and service providers to ensure the security of cardholder information.

Question 29

Q

What networking device can be used to extend the maximum usable length of network cabling?

A. Router
B. Firewall
C. Repeater
D. Bridge

Answer

A

Answer: C

Long cable lengths can often be supplemented through the use of repeaters or concentrators. A repeater is just a signal amplification device.

Question 30

Q

On what port do DHCP clients request a configuration?

A. 25
B. 110
C. 68
D. 443

Answer

A

Answer: C

Dynamic Host Configuration Protocol (DHCP) uses port 68 for client request broadcast and port 67 for server point-to-point response.

Question 31

Q

Which of the following is often a side benefit of a thorough risk analysis process?

A. Removal of all threats to an organization
B. Streamlining of security policies
C. Complete and detailed valuation of all assets
D. Deployment of safeguards

Answer

A

Answer: C

A side benefit of risk analysis is a complete and detailed valuation of all assets. None of the other options is an element or benefit of risk analysis.

Question 32

Q

In which IPSec mode is the content of an encapsulated packet encrypted but not the header?

A. Transport
B. Tunnel
C. Vector
D. Transparent

Answer

A

Answer: A

In transport mode, the IP packet data is encrypted, but the header of the packet is not.

Question 33

Q

Which of the following may introduce new vulnerabilities to voice communications?

A. Modems
B. VoIP
C. Encryption
D. PBX

Answer

A

Answer: B

Voice over IP (VoIP), which transmits voice communications through an IP network, introduces network-specific vulnerabilities to voice communications.

Question 34

Q

_______________ is the process through which the activities of user accounts and processes are tracked and recorded.

A. Accountability
B. Auditing
C. Accessibility
D. Authentication

Answer

A

Answer: B

Auditing is the process by which online activities of user accounts and processes are tracked and recorded.

Question 35

Q

Identification is the first step toward what ultimate goal?

A. Accountability
B. Authorization
C. Auditing
D. Nonrepudiation

Answer

A

Answer: A

Accountability is the ultimate goal of a process started by identification.

Question 36

Q

Which type of control provides extended options to existing controls and aids or supports administrative security policy?

A. Recovery access control
B. Corrective access control
C. Restorative access control
D. Compensation access control

Answer

A

Answer: D

Compensation access control is deployed to provide various options to existing controls to help enforce and support a security policy.

Question 37

Q

In what type of attack does the intruder initiate connections to both a client and a server?

A. Chosen plain-text attack
B. Meet-in-the-middle attack
C. Man-in-the-middle attack
D. Replay attack

Answer

A

Answer: C

In the man-in-the-middle attack, a malicious individual sits between two communicating parties and intercepts all communications (including the setup of the cryptographic session).

Question 38

Q

What attack pattern utilizes a series of sequential or combinatorial inputs in an attempt to test every possible combination against some security feature?

A. Distributed attack
B. Denial of service attack
C. Brute-force attack
D. Buffer overflow attack

Answer

A

Answer: C

A brute-force attack is an attempt to discover passwords for user accounts by systematically attempting every possible combination of letters, numbers, and symbols.

Question 39

Q

What IPSec component provides assurances of message integrity and nonrepudiation?

A. Authentication Header
B. Encapsulating Security Payload
C. IP Payload Compression protocol
D. Internet Key Exchange

Answer

A

Answer: A

The Authentication Header provides assurances of message integrity and nonrepudiation.

Question 40

Q

______________ is deployed to discover unwanted or unauthorized activity after it occurs as opposed to before or during.

A. Directive access control
B. Deterrent access control
C. Detective access control
D. Defective access control

Answer

A

Answer: C

Detective access control is deployed to discover unwanted or unauthorized activity.

Question 41

Q

_______________ ensures that a requested activity or access to an object is possible given the rights and privileges assigned to an authenticated identity.

A. Authentication
B. Accountability
C. Accessibility
D. Authorization

Answer

A

Answer: D

Authorization ensures that a requested activity or access to an object is possible given the rights and privileges assigned to an authenticated identity.

Question 42

Q

Which database principle ensures that transactions execute in an all-or-nothing fashion?

A. Atomicity
B. Consistency
C. Isolation
D. Durability

Answer

A

Answer: A

The atomicity of database transactions requires transaction execution in an all-or-nothing fashion. If any part of the transaction fails, the entire transaction is rolled back.

Question 43

Q

On a much smaller scale, _______________ is deployed to repair or restore capability, functionality, or resources following a violation of security policy.

A. Recovery access control
B. Corrective access control
C. Detective access control
D. Compensation access control

Answer

A

Answer: A

Recovery access control is deployed to repair or restore resources, functions, and capabilities after a violation of security policies.

Question 44

Q

Which of the following is not true?

A. A purely quantitative analysis is not possible.
B. Qualitative risk analysis employs complex formulas and calculations.
C. Quantitative risk analysis assigns real dollar figures to the loss of an asset.
D. Qualitative risk analysis assigns subjective and intangible values to the loss of an asset.

Answer

A

Answer: B

Qualitative risk analysis does not employ complex formulas and calculations. Scenario discussions and simple value assignments are used to evaluate risk, incidents, losses, and safeguards.

Question 45

Q

Using an insular padded cell on your network for protection to isolate intruders functions on what principle?

A. The data offered by the padded cell is what originally attracts the attacker.
B. Padded cells are a form of entrapment.
C. The intruder is seamlessly transitioned into the padded cell once they are detected.
D. Padded cells are used to test a system for known vulnerabilities.

Answer

A

Answer: C

When an intruder is detected by an IDS, they are transferred to a padded cell. The transfer of the intruder into a padded cell is performed automatically, without informing the intruder that the change has occurred. The padded cell is unknown to the intruder before the attack, so it cannot serve as an enticement or entrapment. Padded cells are used to detain intruders, not to detect vulnerabilities.

Question 46

Q

Which of the following can be used to verify the integrity of a received message?

A. Transaction log
B. Record sequence checking
C. Hash total
D. Parity value

Answer

A

Answer: C

A hash total is a checksum used to verify the integrity of a transmission.

Question 47

Q

You are developing an application that compares passwords to those stored in a Unix password file. The hash values you compute are not correctly matching those in the file. What might have been added to the stored password hashes?

A. Salt
B. Double hash
C. Added encryption
D. One-time pad

Answer

A

Answer: A

Cryptographic salt values are added to the passwords in password files before hashing to defeat rainbow table and dictionary attacks.

Question 48

Q

What protocol is utilized by attackers launching a smurf attack against a network?

A. TCP
B. ICMP
C. ARP
D. RARP

Answer

A

Answer: B

The smurf attack depends on ping packets, which are implemented by the Internet Control Message Protocol (ICMP).

Question 49

Q

___________________ implies that network services, communications, and access control mechanisms are functional and allow authorized users to gain authorized access.

A. Confidentiality
B. Integrity
C. Availability
D. Nonrepudiation

Answer

A

Answer: C

The principle of availability implies that network services, communications, and access control mechanisms are functional and allow authorized users to gain authorized access.

Question 50

Q

What is an access control list (ACL) based on?

A. An object
B. A subject
C. A role
D. An account

Answer

A

Answer: A

An ACL is based on an object and includes a list of subjects that are granted access. A capability table is focused on a subject and includes a list of objects the subject can access. Roles and accounts are examples of subjects and may be included in an ACL, but they aren’t the focus.

Question 51

Q

Which security role is ultimately responsible for due diligence in protecting a company’s data?

A. The user
B. The data owner
C. The data custodian
D. The administrator

Answer

A

Answer: B

The data owner is the person who has final corporate responsibility for the protection and storage of data. Owners may be liable for negligence if they fail to perform due diligence in establishing and enforcing security policy to protect and sustain sensitive data.

Question 52

Q

What type of attack includes fragmented packets that cannot be reassembled?

A. Zero day exploit
B. Spamming
C. Distributed denial of service
D. Teardrop

Answer

A

Answer: D

In a teardrop attack, an attacker fragments traffic in such a way that data packets cannot be put together. A zero day exploit refers to an attack using vulnerabilities that are unknown to others. Spamming refers to sending massive quantities of unsolicited email. A distributed denial of service (DDoS) attack is an attack on a single system from multiple sources.

Question 53

Q

Which one of the following is a cloud-based service model that allows users to access email via a web browser?

A. Infrastructure as a Service (IaaS)
B. Platform as a Service (PaaS)
C. Software as a Service (SaaS)
D. Public

Answer

A

Answer: C

The SaaS service model provides services such as email available via a web browser. IaaS provides the infrastructure (such as servers) and PaaS provides a platform (such as an operating system and application installed on a server). Public is a deployment method, not service model.

Question 54

Q

Which of the following is the highest security classification for a government/military organization?

A. Classified
B. Top secret
C. Sensitive
D. Sensitive but unclassified

Answer

A

Answer: B

Top secret is the highest security classification for a government/military organization.

Question 55

Q

You are selecting a symmetric encryption algorithm to protect the contents of sensitive information stored by your organization. Which of the following would be the best choice?

A. Vernam cipher
B. DES
C. 2DES
D. 3DES

Answer

A

Answer: D

The Vernam cipher, or one-time pad, is not practical for use on an automated basis. DES and 2DES are no longer considered secure cryptosystems. 3DES is a strong cryptosystem appropriate for use.

Question 56

Q

What frequency does an 802.11n-compliant device employ?

A. 3 Hz
B. 900 MHz
C. 7 GHz
D. 2.4 GHz

Answer

A

Answer: D

802.11n can use the 2.4 GHz and 5 GHz frequencies. The 2.4 GHz frequency is also used by 802.11g and 802.11b.

Question 57

Q

What is the primary function of a gateway as a network device?

A. Routing traffic
B. Protocol translator
C. Attenuation protection
D. Creating virtual LANs

Answer

A

Answer: B

The gateway is a network device (or service) that works at the Application layer. However, an Application layer gateway is a very specific type of component. It serves as a protocol translation tool. For example, an IP-to-IPX gateway takes inbound communications from TCP/IP and translates them over to IPX/SPX for outbound transmission.

Question 58

Q

What is the minimum size a packet can be to be used in a ping-of-death attack?

A. 2,049 bytes
B. 16,385 bytes
C. 32,769 bytes
D. 65,537 bytes

Answer

A

Answer: D

The maximum allowed ping packet size is 65,536 bytes. To engage in a ping-of-death attack, an attacker must send a packet that exceeds this maximum. Therefore, the smallest packet that might result in a successful attack would be 65,537 bytes.

Question 59

Q

What TCP/IP communications port is utilized by Secure Sockets Layer (SSL) traffic?

A. 80
B. 220
C. 443
D. 559

Answer

A

Answer: C

SSL uses port 443 to transmit encrypted web traffic over TCP connections.

Question 60

Q

Which of the following options is true in terms of a host-based IDS?

A. It’s ineffective on switched networks.
B. It monitors several systems altogether.
C. It’s invisible to attackers and authorized users.
D. It monitors a single system individually.

Answer

A

Answer: D

A host-based IDS watches for questionable activity on a single computer system. A network-based IDS watches for questionable activity being performed over the network medium, can be made invisible to users, and is ineffective on switched networks.

Question 61

Q

What is the countermeasure cost/benefit equation?

A. SLE * ARO
B. EF * AV * ARO
C. (ALE1 – ALE2) – CM cost
D. Total risk + controls gap

Answer

A

Answer: C

To make the determination of whether the safeguard is financially equitable, use the following countermeasure cost/benefit equation: (ALE before countermeasure – ALE after implementing the countermeasure) – annual cost of countermeasure = value of the countermeasure to the company.

Question 62

Q

Precomputed password hashes kept as a series of iterative inputs are known as what?

A. Dictionary word list
B. Brute force
C. Rainbow tables
D. Encryption catalog

Answer

A

Answer: C

Rainbow tables use an iterative series of precomputed password hashes as an alternative to sequential guessing or dictionary-based lookup attacks against authentication mechanisms.

Question 63

Q

When establishing who someone is before you grant them access to resources, what is the first step?

A. Verify credentials
B. Claim an identity
C. Grant authority
D. Monitor activity

Answer

A

Answer: B

The first step toward granting a user access is for them to claim an identity (identification). That is followed by verifying credentials (authentication), then by granting authority (authorization), and finally by monitoring activity (auditing).

Question 64

Q

What type of attack can be used against cryptographic algorithms that do not incorporate temporal protections?

A. Chosen plain-text attack
B. Meet-in-the-middle attack
C. Man-in-the-middle attack
D. Replay attack

Answer

A

Answer: D

In a replay attack, the malicious individual intercepts an encrypted message between two parties (often a request for authentication) and then later replays the captured message to open a new session.

Answer 65

A

Answer: A

The Internet Security Association and Key Management Protocol (ISAKMP) provides background security support services for IPSec, including managing security associations.

Answer 66

A

Answer: A

Criminal investigations typically follow the “beyond a reasonable doubt” standard of evidence.

Answer 67

A

Answer: B

Nessus is a network vulnerability scanning tool that searches systems for known vulnerabilities.

Answer 68

A

Answer: D

The Data Manipulation Language is a subset of SQL containing the commands used to interact with data.

Answer 69

A

Answer: A

The principle of least privilege restricts user privileges to what they need and no more. Users do not have a need to log onto any computer in the network. A policy used to implement the principle of least privilege can restrict users to a single computer, restrict access to files, and restrict access to backups.

Answer 70

A

Answer: B

Following rules for strong password generation is not a direct defense against social engineering attacks.

Answer 71

A

Answer: A

Without object integrity, confidentiality cannot be maintained. In fact, integrity and confidentiality depend on one another.

Answer 72

A

Answer: A

Ethernet is a shared media LAN technology. That means it allows numerous devices to communicate over the same medium but requires that each device take turns communicating and perform collision detection and avoidance.

Answer 73

A

Answer: A

Identification occurs when a user professes an identity with a login ID. The combination of the login ID and the password provide authentication. Auditing provides accountability. Users are granted authorization to access resources based on their proven identities.

Answer 74

A

Answer: A

The Authentication Header (AH) provides assurances of message integrity and nonrepudiation.

Answer 75

A

Answer: D

Identification is the process by which a subject professes an identity and accountability is initiated.

Answer 76

A

Answer: B

Companion viruses use filenames that mimic the filenames of legitimate system files.

Answer 77

A

Answer: B

Secure Shell (SSH) provides secure replacements for a number of common Internet utilities.

Answer 78

A

Answer: A

Process confinement allows a process to read from and write to only certain memory locations and resources.

Answer 79

A

Answer: B

The password combined with the username provides authentication. The username by itself provides identification. Logging and auditing of user actions provide accountability. Authorization refers to granting users access to resources based on their proven identities.

Answer 80

A

Answer: B

S-RPC is an authentication service and is simply a means to prevent unauthorized execution of code on remote systems.

Answer 81

A

Answer: A

The 169.254.x.x range is usually employed by the Microsoft APIPA response to failed DHCP services.

Answer 82

A

Answer: B

Monitoring the activities of subjects and objects, as well as of core system functions that maintain the operating environment and the security mechanisms, helps establish accountability on the system.

Answer 83

A

Answer: D

Wired Equivalent Privacy (WEP) technology is notoriously insecure and vulnerable to eavesdropping attacks.

Answer 84

A

Answer: B

Internet email must comply with X.400.

Answer 85

A

Answer: D

Blowfish has a maximum key length of 448 bits.

Answer 86

A

Answer: D

NAT does not allow initiations from external entities. Therefore, allowing external initiations is not a benefit. The benefit is that NAT does not allow them.

Answer 87

A

Answer: D

When information is collected about your activities online without your consent, it is known as a violation of privacy.

Answer 88

A

Answer: D

In a teardrop attack, an attacker exploits a bug in operating systems. The bug exists in the routines used to reassemble (that is, resequence) fragmented packets. An attacker sends numerous specially formatted fragmented packets to the victim, which causes the system to freeze or crash.

Answer 89

A

Answer: C

Nondiscretionary access control enables the enforcement of systemwide restrictions that override object-specific access control.

Answer 90

A

Answer: B

The primary concern in any business continuity or disaster recovery effort is ensuring personal safety for everyone involved.

Answer 91

A

Answer: A;B;C

IDSs watch for violations of confidentiality, integrity, and availability. Attacks recognized by IDSs can come from external connections (such as the Internet or partner networks), viruses, malicious code, trusted internal subjects attempting to perform unauthorized activities, and unauthorized access attempts from trusted locations.

Answer 92

A

Answer: C

The security management task in which critical, significant, and sensitive work tasks are divided among several individual administrators or high-level operators is separation of duties.

Answer 93

A

Answer: C

A knowledge-based IDS is effective only against known attack methods, which is its primary drawback.

Answer 94

A

Answer: C

The spiral model uses multiple iterations of the waterfall model, so it is considered a meta-model.

Answer 95

A

Answer: B

Triple DES (3DES) requires either two or three DES keys to generate an effective key strength of 168 bits, triple the strength of standard DES’s 56-bit key.

Answer 96

A

Answer: B

Control Objectives for Information and Related Technology (COBIT) is a documented set of best IT security practices crafted by Information Systems Audit and Control Association (ISACA) and IT Governance Institute (ITGI).

Answer 97

A

Answer: C

A PVC reestablishes a link using the same basic parameters or virtual pathway each time it connects. SVCs use unique settings each time. Bandwidth on demand links can be either PVCs or SVCs. CSU/DSU is not a packet-switching technology.

Answer 98

A

Answer: B

A switch console port exists only on a switch; a cell phone cannot be used to access such ports.

Answer 99

A

Answer: A

A drawback of classification schemes, especially as implemented via a mandatory access control concept, is that they require significant administration for a large organization.

Answer 100

A

Answer: B

Denial of service attacks seek to shut down or stifle network response and congest traffic so that legitimate data cannot be handled in a timely fashion.

Answer 101

A

Answer: D

A service-level agreement may require you to meet the business continuity objectives of your customers.

Answer 102

A

Answer: B

The BSoD stops all processing when a critical failure occurs in Windows. This is an example of a fail-secure approach.

Answer 103

A

Answer: C

The filename extension .txt is normally used to describe text files, which do not contain executable code.

Answer 104

A

Answer: D

DIFFERENCE()is not a valid aggregate function. COUNT(), MIN(), and SUM()are aggregate functions specified in SQL.

Answer 105

A

Answer: A

A smurf attack occurs when an amplifying server or network is used to flood a victim with useless data.

Answer 106

A

Answer: A

The SYN packet is first sent from the initiating host to the destination host. The destination host then responds with a SYN/ACK packet. The initiating host sends an ACK packet, and the connection is then established.

Answer 107

A

Answer: D

Deterrent access control is deployed to discourage violation of security policies.

Answer 108

A

Answer: D

Tunneling is generally an inefficient means of communicating because all protocols include their own error detection, error handling, acknowledgment, and session management features, and using more than one protocol at a time just compounds the overhead required to communicate a single message.

Answer 109

A

Answer: C

Vulnerability scanners are used to test a system for known security vulnerabilities and weaknesses. They are not active detection tools for intrusion, they offer no form of enticement, and they do not configure system security. In addition to testing a system for security weaknesses, they produce evaluation reports and make recommendations.

Answer 110

A

Answer: B

VPN protocols—specifically PPTP, L2F, and L2TP—function at the Data Link layer (layer 2).

Answer 111

A

Answer: C

Civil investigations typically follow the “preponderance of the evidence” standard.

Answer 112

A

Answer: B

Dictionary word lists are precompiled lists of common passwords and their permutations and serve as the foundation for a dictionary attack on accounts.

Answer 113

A

Answer: B

The recipient of a message encrypted using asymmetric cryptography decrypts it with their own private key.

Answer 114

A

Answer: C

The .NET Framework includes the Common Language Interface to support multiple programming languages.

Answer 115

A

Answer: D

Providing for nonrepudiation is not a reason for data classification.

Answer 116

A

Answer: B

The Goguen-Meseguer model is based on predetermining the set or domain of objects that a subject can access. The set or domain is a list of those objects that a subject can access. This model is based on automation theory and domain separation. This means subjects are able to perform only predetermined actions against predetermined objects.

Answer 117

A

Answer: A

When audit trails legally prove accountability, then you also reap the benefit of nonrepudiation.

Answer 118

A

Answer: B

People are the weakest link in a security chain.

Answer 119

A

Answer: D

SYN flood attacks are targeted at the standard three-way handshake process used by TCP/IP to initiate communication sessions.

Answer 120

A

Answer: B

Processing screens the collected information to perform a “rough cut” of irrelevant information, reducing the amount of information requiring detailed screening.

Answer 121

A

Answer: D

Overutilizing a hardware component presents the most serious threat to availability from this list of options. The other options are unlikely to threaten availability.

Answer 122

A

Answer: D

Confidentiality is the principle that objects are not disclosed to unauthorized subjects.

Answer 123

A

Answer: D

The spiral model of project management does not directly relate to configuration management. Configuration management is about managing change that could result in reduced security.

Answer 124

A

Answer: A

Firewalls are unable to filter on encrypted traffic within a VPN, which is a drawback. VPNs can cross firewalls. Firewalls do not have to always block outbound VPN connections. Firewalls usually only minimally affect the throughput of a VPN and then only when filtering is possible.

Answer 125

A

Answer: D

The Application layer is also known as layer 7. The Session layer is layer 5, the Network layer is layer 3, and the Physical layer is layer 1.

Answer 126

A

Answer: D

Zero-knowledge proofs confirm that an individual possesses certain factual knowledge without revealing the knowledge.

Answer 127

A

Answer: B

Using unauthorized software makes the IT environment more vulnerable to virus infections. Email is the most common means of virus distribution, but the virus code must still be executed to work.

Answer 128

A

Answer: C

Role-based access control uses a well-defined collection of named job roles to endow each one with specific permissions, thereby seeking to ensure that users who occupy such roles can access what they need to get their jobs done.

Answer 129

A

Answer: B

The sender of a message uses their own private key to create a digital signature.

Answer 130

A

Answer: C

A data object is called a datagram or a packet in the Network layer. It is called a PDU in layers 5 through 7. It is called a segment in the Transport layer and a frame in the Data Link layer.

Answer 131

A

Answer: B

Spoofing is the replacement of valid source and destination IP and port addresses with false ones. It is often used in DoS attacks but is not considered a DoS attack itself. Flooding, smurf, and ping of death are all DoS attacks.

Answer 132

A

Answer: B

Data classifications provide strong protection against the loss of confidentiality and are the best choice of the available answers. Data labels and proper data handling are based on first identifying data classifications. Data degaussing methods apply only to magnetic media.

Answer 133

A

Answer: D

Corrective access control is deployed to restore systems to normal after an unwanted or unauthorized activity has occurred.

Answer 134

A

Answer: A

A behavior-based intrusion detection system (IDS) can be labeled an expert system or a pseudo-artificial intelligence system because it can learn and make assumptions about events. In other words, the IDS can act like a human expert by evaluating current events against known events.

Answer 135

A

Answer: B

The number of keys required to fully implement asymmetric encryption is computed using the formula 2n. In this case 2 * 8 = 16.

Answer 136

A

Answer: B

Packet switching has variable delays; circuit switching has fixed known delays.

Answer 137

A

Answer: C

Compartmentalized environments require specific security clearances over compartments or domains instead of objects.

Answer 138

A

Answer: D

Client source ports are dynamic ports (i.e., randomly selected port number between 1024–65,535) for most Application layer protocols, including secure web communications (i.e., HTTPS).

Answer 139

A

Answer: C

CHAP is a security protocol that automatically performs reauthentication of the client system throughout the connected session in order to detect session hijacking.

Answer 140

A

Answer: C

Something you have, something you are, and something you know are representative forms of authentication factors.

Answer 141

A

Answer: C

Option C is not an example of protecting integrity; it is the principle of availability.

Answer 142

A

Answer: A

A covert channel is any method that is used to secretly pass data and that is not normally used for communication. All the other options describe normal communication channels.

Answer 143

A

Answer: D

A Security Information and Event Management (SIEM) system is the best tool to search through large log files looking for intrusion-related events. A text editor requires manually looking at logs. Vulnerability scanners and password crackers are not used to search through log files looking for intrusions.

Answer 144

A

Answer: C

Risk is the likelihood that any specific threat will exploit a specific vulnerability to cause harm to an asset.

Answer 145

A

Answer: D

WPA2 replaces TKIP (used by the original WPA) with AES cryptography.

Answer 146

A

Answer: A

Steganographers use images and other large files to mask the presence of secret information.

Answer 147

A

Answer: C

Asymmetric cryptography requires 2*n keys to allow all parties to communicate.

Answer 148

A

Answer: D

Privileged accounts (such as administrator accounts) are granted the most access and should be a primary focus in an access review audit. Regular user and auditor accounts don’t have as many rights and permissions as privileged accounts and are not as important to audit.

Answer 149

A

Answer: C

Biometric authentication devices represent a Type 3 (something you have) authentication factor.

Answer 150

A

Answer: A

A static packet-filtering firewall filters traffic by examining data from a message header.

Answer 151

A

Answer: B

The five elements of AAA services in order are identification, authentication, authorization, auditing, and accounting. Availability is not part of AAA services, but it is part of the CIA triad.

Answer 152

A

Answer: A

Polyinstantiation includes multiple records in a table with the same primary key. Each record is designed for users of a specific security clearance level.

Answer 153

A

Answer: C

An ECC-RSA 160-bit key is the equivalent of an RSA 1,024-bit key.

Answer 154

A

Answer: D

DNS uses a hierarchical model to organize data, with root name servers representing the top-level domains and authority distributed hierarchically to child servers.

Answer 155

A

Answer: C

Strong passwords are the weakest form of authentication from the given answers. One-time passwords are stronger than static passwords. Biometric methods such as retina scans are stronger than passwords.

Answer 156

A

Answer: C

Discretionary access control permits the owner or creator of an object to control and define its accessibility because the owner has full control by default.

Answer 157

A

Answer: D

Cloud service providers offer Infrastructure-as-a-Service options that are ideal backup sites.

Answer 158

A

Answer: B

The output of a hash function must be a fixed length.

Answer 159

A

Answer: B

Honeynets are entire networks created to serve as a snare for intruders. They look and act like legitimate networks, but they are 100 percent fake. Honeynets tempt intruders with seemingly vulnerable systems with attractive artificial data.

Answer 160

A

Answer: B

Awareness must be established before actual training can take place.

Answer 161

A

Answer: A

The approach to security management must be a top-down approach to be effective. Upper or senior management is responsible for initiating and defining policies for the organization. Security policies provide direction for the lower levels of the organization’s hierarchy. It is the responsibility of middle management to flesh out the security policy into standards, baselines, guidelines, and procedures. It is the responsibility of the operational managers or security professionals to implement the configurations prescribed in the security management documentation. It is the responsibility of the end users to comply with all security policies of the organization.

Answer 162

A

Answer: B

The cardinality of a database table is the number of records (or rows) in that table.

Answer 163

A

Answer: A

A directive control is a security tool used to guide the security implementation of an organization.

Answer 164

A

Answer: D

IT staff may perform security assessments to evaluate the security of their systems and applications. Audits must be performed by internal or external auditors who are independent of the IT organization. Criminal investigations must be performed by certified law enforcement personnel.

Answer 165

A

Answer: B

Frequency Hopping Spread Spectrum (FHSS) was an early implementation of the spread spectrum concept. However, instead of sending data in a parallel fashion, it transmits data in a series while constantly changing the frequency in use.

Answer 166

A

Answer: B

One definition of privacy is freedom from being observed, monitored, or examined without consent or knowledge.

Answer 167

A

Answer: C

TLS uses port 443 to generate secure client-server web connections.

Answer 168

A

Answer: B

The primary purpose of change management is to allow management to review all changes. However, it is true that the overall goal of change management is to prevent unwanted reductions to security.

Answer 169

A

Answer: C

Public relations staff are generally not included in business continuity planning efforts. They would have significant involvement in disaster recovery.

Answer 170

A

Answer: A

Role-based access control restricts access to roles by grouping subjects (such as users). Groups are assigned privileges but privileges aren’t grouped in roles. Programs aren’t grouped in roles. Objects such as files are often grouped within folders, but objects are not assigned as roles.

Answer 171

A

Answer: A

Web servers should expose ports 80 and/or 443 to the world to support HTTP and/or HTTPS connections. Port 22, used by SSH, and port 1433, used by SQL Server databases, should not normally be publicly exposed.

Answer 172

A

Answer: C

VPNs do not provide or guarantee availability.

Answer 173

A

Answer: B

Job descriptions are essential to user and personnel security. Only when it’s based on a job description does a background check have true meaning. Without a job description, auditing and monitoring cannot determine when a user performs tasks outside of their assigned work. Without a job description, administrators do not know what level of access to assign via DAC.

Answer 174

A

Answer: C

Integrity protection is not about stopping all change but preventing unwanted, unintended, and malicious change as well as ensuring the retention of correct information.

Answer 175

A

Answer: C

The receiver’s name is not a necessary component of a digital certificate.

Answer 176

A

Answer: C

In a typical penetration testing scenario, the ultimate goal is to expose, inventory, and report any findings of vulnerability or weakness on the network.

Answer 177

A

Answer: C

SELECT()is not an aggregate function but an SQL command. MAX()is an aggregate function that selects the maximum value from a set. SUM()is an aggregate function that adds values together. AVG()is an aggregate function that determines the mathematical average of a series of values.

Answer 178

A

Answer: C

Spoofing grants the attacker the ability to hide their identity through misdirection. It is therefore involved in most attacks.

Answer 179

A

Answer: B

Security mechanisms are needed within an operating system because software is not trusted.

Answer 180

A

Answer: C

Macro viruses use scripting languages such as Visual Basic for Applications.

Answer 181

A

Answer: A

Marking (or labeling) media is the best choice of the available answers to protect against mishandling media. When properly marked, personnel are more likely to handle media properly. Purging and sanitizing methods remove sensitive information but do not protect against mishandling. Data retention refers to how long an organization keeps the data, not how it handles the data.

Answer 182

A

Answer: B

Integrity is one of the CIA Triad principles; the other two are confidentiality and availability.

Answer 183

A

Answer: B

In a discussion of high-speed telco links or network carrier services, fault tolerance means to have redundant connections.

Answer 184

A

Answer: C

Availability has the most avenues or vectors of attack and compromise. Availability can be affected by damaging the resource, compromising the resource host, interfering with communications, or attacking the client.

Answer 185

A

Answer: D

The single quote character (‘) is an essential part of a SQL injection attack and should never be allowed in user input in a database-driven application.

Answer 186

A

Answer: C

Strong password choices should be neither predictable nor deterministic, should be of sufficient length and strength, and should be periodically changed and enforced against best security practices by automated means.

Answer 187

A

Answer: C

The tunneling process prevents security control devices from blocking or dropping the communication because such devices don’t know what the contents of the packets actually are.

Answer 188

A

Answer: C

IPSec is not designed to function naked over a dial-up segment. IPSec must be encapsulated to transmit across a dial-up link; often it is encased in L2TP for this.

Answer 189

A

Answer: A

A parallel run is a type of new system deployment testing where the new system and the old system are run in parallel.

Answer 190

A

Answer: B

Areas in a 500-year flood plain should expect flooding once every 500 years.

Answer 191

A

Answer: B

Rijndael requires 11 rounds of encryption when used with 192-bit cryptographic keys.

Answer 192

A

Answer: A

An IDS automates the inspection of audit logs and real-time system events to detect abnormal activity. IDSs are generally used to detect intrusion attempts, but they can also be employed to detect system failures or rate overall performance.

Answer 193

A

Answer: C

Cold sites contain basic infrastructure but do not have any computing facilities active.

Answer 194

A

Answer: A

An initialization vector (IV) is a random bit string (a nonce) that is the same length as the block size that is XORed with the message. IVs are used to create a unique cipher text every time the same message is encrypted with the same key.

Answer 195

A

Answer: B

Nondedicated leased lines offer the least assurance of communication because they require a link to be established before communication can take place. If all circuits for that connection type are currently in use, a connection will not be established, thus no communications.

Answer 196

A

Answer: A

A virtual private network (VPN) is simply a communication tunnel that provides point-to-point transmission of both authentication and data traffic over an intermediary network.

Answer 197

A

Answer: C

Without senior management support, no security effort can succeed.

Answer 198

A

Answer: C

A database column contains the data corresponding to a single attribute for all records in the table.

Answer 199

A

Answer: C

Declassification is required once an asset no longer warrants or needs the protection of its currently assigned classification or sensitivity level.

Answer 200

A

Answer: B

In many cases, a buffer overflow attack will involve specially crafted, typically oversized inputs in an attempt to overwrite critical application data and disrupt or redirect program execution flow.

Answer 201

A

Answer: A;B;C;D

Malicious code may infect almost any platform, including Windows PCs and servers, MacBooks, and embedded devices.

Answer 202

A

Answer: A

Rule-based access control defines specific functions for access to requested objects.

Answer 203

A

Answer: C

A detective control is a security mechanism used to verify whether the directive and preventive controls have been successful.

Answer 204

A

Answer: A

Hybrid environments combine both hierarchical and compartmentalized environments so that security levels have subcompartments.

Answer 205

A

Answer: B

Data mining uses mathematical approaches to analyze data, searching for patterns that predict future activity.

Answer 206

A

Answer: B

Access control provides security through confidentiality, integrity, and accountability.

Answer 207

A

Answer: D

UDP is a simplex protocol at the Transport layer.

Answer 208

A

Answer: C

As a general rule of thumb, security policies (as well as standards, guidelines, and procedures) should not address specific individuals. Instead of assigning tasks and responsibilities to a person, they should be defined for a role. Then these defined roles are assigned to individuals as a job description or an assigned work task. The assignment of a role to a person is not part of the security policy documentation. Rather, that activity is a function of administrative control or personnel management. Thus, a security policy does not define who is to do what but rather what must be done by the various roles within the security infrastructure.

Answer 209

A

Answer: C

In Cipher Block Chaining (CBC) mode, each block of unencrypted text is XORed with the block of cipher text immediately preceding it before it is encrypted using the DES algorithm.

Answer 210

A

Answer: B

In a TOC/TOU attack, the attacker is racing with the legitimate process to replace the object before it is used.

Answer 211

A

Answer: D

The risk analysis equations—specifically, the ALE and the cost/benefit equation—produce results that are primarily used to prioritize security efforts. The largest values should be addressed and resolved first. The values are not directly used to obtain insurance or assign responsibility, and they’re not realistic enough to be used as actual cost/loss expectations.

Answer 212

A

Answer: B

Intrusion prevention systems (IPSs) pick up where intrusion detection systems (IDSs) leave off by actively denying any illicit traffic patterns they detect.

Answer 213

A

Answer: C

The largest acceptable size for an ICMP packet is 65,536 bits.

Answer 214

A

Answer: C

Cat 5e offers 1000 Mbps (or 1 Gbps) throughput and is primarily used in Ethernet networks.

Answer 215

A

Answer: B

The Health Information Technology for Economic and Clinical Health Act of 2009 (HITECH) amended HIPAA to include new regulations related to data breach notification and the compliance requirements of covered entity business associates.

Answer 216

A

Answer: D

A gateway connects networks that are using different network protocols.

Answer 217

A

Answer: D

Secure Sockets Layer (SSL) is an encryption protocol developed by Netscape to protect the communications between a web server and a web browser.

Answer 218

A

Answer: A

Authentication Header (AH) provides authentication, integrity, and nonrepudiation.

Answer 219

A

Answer: B

During the deencapsulation procedure, the Data Link layer strips its information and sends the message up to the Network layer.

Answer 220

A

Answer: C

If a security mechanism offers integrity, then it offers a high level of confidence that data, objects, and resources are unaltered from their original protected state.

Answer 221

A

Answer: C

The AES/Rijndael algorithm is capable of operating with 128-, 192-, or 256-bit keys. The algorithm uses a block size equal to the length of the key.

Answer 222

A

Answer: D

Authentication is the process of verifying or testing that a claimed identity is valid.

Answer 223

A

Answer: C

In an XSS attack, the attacker includes the “SCRIPT” tag in reflected input to execute a script on the client system.

Answer 224

A

Answer: B

C++ and other compiled languages are third generation programming languages.

Answer 225

A

Answer: A

All user applications, regardless of the security permissions assigned to the user, execute in user mode. Supervisory mode, kernel mode, and privileged mode are all terms that describe the mode used by the processor to execute instructions that originate from the operating system.

Answer 226

A

Answer: C

Network Address Translation (NAT) is a mechanism for converting the internal IP addresses found in packet headers into public IP addresses for transmission over the Internet.

Answer 227

A

Answer: A

VLAN hopping is a switch security issue, not a VoIP security issue. Caller ID falsification, vishing, and SPIT (spam over Internet telephony) are VoIP security concerns.

Answer 228

A

Answer: C

Tunnel mode VPNs are used to connect networks to networks or networks to hosts. Transport mode is used to connect hosts to hosts. Host , server , client , terminal , and domain controller are all synonyms.

Answer 229

A

Answer: D

The annualized loss expectancy can be calculated using asset value * exposure factor * annualized rate of occurrence. It can also be calculated using single loss expectancy * annualized rate of occurrence.

Answer 230

A

Answer: B

Although all electronic devices emit some unwanted emanations, CRT monitors are the devices most susceptible to this threat (at least from this list of options).

Answer 231

A

Answer: C

The concept of “Maintaining the internal and external consistency of objects so that their data is a correct and true reflection of the real world” is related to availability, not integrity.

Answer 232

A

Answer: C

The sender of a message uses the recipient’s public key to encrypt it.

Answer 233

A

Answer: B

Coordinated attacks between several cooperative machines using traffic in an illegitimate way are a distributed denial of service attack.

Answer 234

A

Answer: C

A separate key is required for each pair of users who want to communicate privately. In a group of six users, this would require a total of 15 secret keys.

Answer 235

A

Answer: B

In a smurf attack, the attacker sends a single forged packet bearing a source address corresponding to the victim machine.

Answer 236

A

Answer: D

Typical biometric authentication systems represent mechanisms that can mostly perform real-time analysis of biometric authentication factors without involving personal health factors.

Answer 237

A

Answer: D

Asynchronous transfer mode (ATM) is a cell-switching technology rather than a packet-switching technology.

Answer 238

A

Answer: A

The private IP addresses defined in RFC 1918 are 10.0.0.0 to 10.255.255.255 (a full Class A range), 172.16.0.0 to 172.31.255.255 (16 Class B ranges), and 192.168.0.0 to 192.168.255.255 (255 Class C ranges).

Answer 239

A

Answer: B

VBScript is the only example of an interpreted language listed. C++, Java, and Fortran are compiled languages.

Answer 240

A

Answer: D

The primary means by which fax communications can be secured is to use encryption.

Answer 241

A

Answer: B

In a hierarchical environment, the various classification labels are assigned in an ordered structure from low security to medium security to high security.

Answer 242

A

Answer: B

The Federal Sentencing Guidelines released in 1991 formalized the prudent man rule, which requires senior executives to take personal responsibility for ensuring the due care that ordinary, prudent individuals would exercise in the same situation.

Answer 243

A

Answer: C

Clustering (aka key clustering) is a weakness in cryptography where a plain-text message generates identical cipher-text messages using the same algorithm but different keys.

Answer 244

A

Answer: A

Preventive access control is deployed to stop unwanted or unauthorized activity from occurring.

Answer 245

A

Answer: A

Avoid combining policies, standards, baselines, guidelines, and procedures in a single document. Each of these structures must exist as a separate entity because each performs a different specialized function.

Answer 246

A

Answer: B

You should never conduct a formal or informal penetration test against any company without the advanced knowledge and express consent of management.

Answer 247

A

Answer: D

The offset value for the fourth fragment would be the sum of the lengths of the preceding three fragments. In this case, each of those fragments would be 1,500 bytes, leaving the fourth fragment with an offset value of 4,500 bytes.

Answer 248

A

Answer: C

In a hijack attack, which is an offshoot of a man-in-the-middle attack, a malicious user is positioned between a client and server and then interrupts the session and takes it over.

Answer 249

A

Answer: A

Attenuation is the loss of signal strength and integrity over distance on a cable.

Answer 250

A

Answer: C

A process can function or operate as a subject or object. In fact, many elements within an IT environment, including users, can be subjects or objects in different access control situations.

Brainscape's Knowledge GenomeTM

P/E 1 Flashcards

Brainscape's Knowledge Genome^TM