Practice A

Question 1

to calculate qualitative risk, multiply:

Answer 1

Threat x Vulnerability x Impact

Question 2

a threat ___ is the party responsible for a threat, and the threat ___ is the potential medium of the attack

Answer 2

agent; vector

Question 3

a SEIM system is only used when there are multiple ___

Answer 3

servers

Question 4

processors typically support two states: ___ which has highest privileges, or ___ which is associated with users

Answer 4

Supervisor/kernel; problem

Question 5

___, aka encapsulation is used in object oriented programming to separate subjects and objects

Answer 5

data hiding

Question 6

the ___ wireless standard supports 2.4 or 5 GHz and increases throughput up to 600 Mbps by supporting multiple Input/output frequencies

Answer 6

802.11n

Question 7

a client device responds to a TFTP server using a ___ port, in the number range:

Answer 7

registered, or user; 1024 - 49151

Question 8

temporary communication sessions are often established using ___ ports, in the number range:

Answer 8

ephemeral, or private; 49152 - 65535

Question 9

of the fire sensing technologies, only ___ sensors require line of sight

Answer 9

flame

Question 10

the main concern about Bluetooth on a network is ___

Answer 10

weak encryption

Question 11

Extensible Access Control Markup Language (XACML), Security Provisioning Markup Language (SPML) and Security Assertion Markup Language (SAML) are all open standards created by ___

Answer 11

OASIS (Organization for the Advancement of Structured Information Standards)

Question 12

the difference between Network Address Translation (NAT) and Port Address Translation (PAT) is:

Answer 12

PAT assigns multiple private IP’s to one public IP by assigning Port numbers, while NAT assigns one-to-one private to public IP’s

Question 13

communicating with either IPv4 or IPV6 can be done by a ___ device, by using ___ to translate the traffic, or between LAN’s using ___

Answer 13

dual stack;
Network Address Translation-Protocol Translation (NAT-PT);
4to6 or 6to4 tunneling

Question 14

while Kerberos does a good job preventing eavesdropping attacks, it is vulnerable to ___

Answer 14

theft of cached credentials which are not encrypted

Question 15

in network data encapsulation, bits are encapsulated into ___, then into ___, then into ___

Answer 15

frames; packets; segments

Question 16

of the AAA protocols, one weakness of ___ is that it only encrypts passwords, not usernames

Answer 16

RADIUS

Question 17

HTTPS encrypts packets at OSI layer ___

Answer 17

4 - Transport

Question 18

any device with more than one network connection is considered multi-___

Answer 18

homed

Question 19

mitigating electromagnetic leakage is the concern of the ___ program

Answer 19

TEMPEST

Question 20

the OWASP top 10 vulnerability that increased since 2013 is ___

Answer 20

sensitive data exposure

Question 21

although security administrators generally have less privileges than system administrators, they often ___ of system admins

Answer 21

audit the activities

Question 22

the SHA algorithm can produce a hash of at most ___ bits

Answer 22

512

Question 23

in a brute force attack the attacker knows the ___

Answer 23

ciphertext

Question 24

the ISO 27000 security standards are based on a ___ standard

Answer 24

British

Question 25

SYN flood attacks occur on OSI layer ___ because they use ___ protocol

Answer 25

Transport; TCP

Question 26

to deny specific domains in an access control list while allowing all others, your rules should end with ___

Answer 26

Allow All

Question 27

skimming attacks involve the capture and use of ___

Answer 27

credit card information

Question 28

a teardrop attack is a kind of DOS attack using ___

Answer 28

large overlapping IP fragments the victim system attempts to reassemble

Question 29

an emanation attack captures data through ___

Answer 29

electromagnetic leakage

Question 30

following a malware attack which damaged files, anti-virus software used to purge the malware is a ___ control and restoring from backup is a ___ control

Answer 30

Corrective; Recovery

Question 31

Kerberos is considered a ___ system because users only have to sign on once per session

Answer 31

Single Sign On (SSO)

Question 32

security ___ of objects enable enforcement of organizational policies, standards, regulations, etc.

Answer 32

marking

Question 33

when an identified vulnerability has a label beginning “MS..” then it was identified by the organization ___

Answer 33

Microsoft

Question 34

technical Standards in an organization help ensure ___, whereas Baselines have more ___

Answer 34

consistency; discretion

Question 35

in a relational database, ___ is another word for a table, ___ for a row and ___ for a column

Answer 35

relation; tuple; attribute

Question 36

Tripwire is a ___ based intrusion ___ system

Answer 36

host; detection

Question 37

SLIP is sometimes used instead of PPP because ___

Answer 37

it has lower overhead

Question 38

a lockdown enclosure is designed to prevent ___

Answer 38

theft of computer equipment