Practice Test 10 Flashcards
Which of the following authentication protocols transmits passwords over the network in an unencrypted form and is therefore considered unsecure?
RADIUS
PAP
TACACS+
CHAP
PAP
FTP, HTTP, IMAP4, LDAP, POP3, SNMPv1, SNMPv2, and Telnet are all examples of network protocols that send data in clear text.
True
False
True
A security solution designed to detect anomalies in the log and event data collected from multiple network devices is known as:
HIDS
PCAP
HIPS
SIEM
SIEM
Security information and event management (SIEM) software products and services combine security information management (SIM) and security event management (SEM). They provide real-time analysis of security alerts generated by applications and network hardware.
Which of the following security measures would be of help in troubleshooting user permission issues? (Select 2 answers)
Password complexity
Principle of least privilege
Password history
Permissions auditing and review
Multifactor authentication
Principle of least privilege
Permissions auditing and review
The term "Segmentation fault" refers to: (Select 2 answers)
Error handling technique
Access violation
Zero-day vulnerability
Memory management
Input validation technique
Access violation
Memory management
Which of the tools listed below can be used for troubleshooting certificate issues? (Select 2 answers)
CIRT
CRC
OCSP
CRL
OSPF
OCSP
CRL
The Online Certificate Status Protocol (OCSP) is an Internet protocol used for obtaining the revocation status of an X.509 digital certificate. It is described in RFC 6960 and is on the Internet standards track.
A Certificate Revocation List (CRL) is a list of certificate serial numbers which have been revoked, are no longer valid, and should not be relied upon by any system user.
A software or hardware-based security solution designed to detect and prevent unauthorized use and transmission of confidential information outside of the corporate network (data exfiltration) is known as:
DEP
RADIUS
DLP
PGP
DLP
Data loss prevention (DLP) is a strategy for making sure that end users do not send sensitive or critical information outside the corporate network. The term is also used to describe software products that help a network administrator control what data end users can transfer.
The importance of changing default user names and passwords can be illustrated by the example of certain network devices (such as routers), which are often shipped with default, well-known admin credentials that can be looked up on the web.
True
False
True
Which of the following answers list(s) example(s) of weak security configuration(s)? (Select all that apply)
DES
WPA2
SHA-1
WEP
SHA-512
WPS
DES
SHA-1
WEP
WPS
A set of rules enforced in a network that restricts the use to which the network may be put is known as:
SLA
AUP
MOU
SOW
AUP
An acceptable use policy (AUP) is a document stipulating constraints and practices that a user must agree to for access to a corporate network or the Internet. Many businesses and educational facilities require that employees or students sign an acceptable use policy before being granted a network ID.
Which of the security measures listed below would be effective against the malicious insider threat? (Select 3 answers)
DLP system
Principle of least privilege
Time-of-day restrictions
Strong authentication
Usage auditing and review
DLP system
Principle of least privilege
Usage auditing and review
What is the best countermeasure against social engineering?
Strong authentication
Permission auditing and review
User awareness training
Password complexity requirement
User awareness training
What are the drawbacks of running unauthorized software in a corporate environment?
Potential malware propagation problem
Inadequate support from the in-house IT department
Violation of software licensing agreements
All of the above
All of the above
Usage auditing and application whitelisting are the countermeasures against:
Unauthorized software
Social engineering
Weak security configurations
Misconfigured software
Unauthorized software
One of the best practices for malware removal involves the process of isolation of files and applications suspected of containing malware to prevent further execution and potential harm to the user’s system. This process is referred to as:
Quarantine
Content filtering
Protected mode
Blacklisting
Quarantine
The SFC utility in MS Windows:
Encrypts files and folders
Checks file integrity and restores corrupted system files
Displays information about system hardware and software configuration
Starts Windows programs from command-line interface
Checks file integrity and restores corrupted system files
Hash functions allow for mapping large amounts of data content to a small string of characters. The result of a hash function provides the exact "content in a nutshell" (in the form of a string of characters) derived from the main content. If there is any change to the data after the original hash was taken, the next time the hash function is applied, the resulting hash value calculated after content modification will be different from the original hash. In computer forensics procedures, comparing hashes taken at different stages of the evidence handling process ensures that the evidence hasn't been tampered with and stays intact.
True
False
True
Which of the following acronyms refers to a network security solution combining the functionality of a firewall with additional safeguards such as URL filtering, content inspection, or malware inspection?
MTU
WPA
UTM
WAP
UTM
UTM stands for Urchin Tracking Module
An OS security feature designed to ensure safe memory usage by applications is known as:
DEP
DLP
DSU
DRP
DEP
Data Execution Prevention (DEP) helps prevent damage from viruses and other security threats that attack by running (executing) malicious code from memory locations that only Windows and other programs should use.
Which of the acronyms listed below refers to a firewall controlling access to a web server?
WEP
WAP
WPS
WAF
WAF
A web application firewall (WAF) is an application firewall for HTTP applications. It applies a set of rules to an HTTP conversation. Generally, these rules cover common attacks such as cross-site scripting (XSS) and SQL injection. While proxies generally protect clients, WAFs protect servers.
Which of the following mobile connectivity methods provides the best coverage?
Cellular
Wi-Fi
SATCOM
ANT
Infrared
SATCOM
satellite communications
The process of establishing connection between Bluetooth devices (for example between a Bluetooth enabled headset and a Bluetooth enabled mobile phone) is commonly referred to as:
Linking
Three-way handshake
Crosstalk
Pairing
Pairing
Which of the answers listed below refers to a technology that enables carrying out mobile payment transactions with the use of the physical phone device?
WAP
NFC
IR
RFC
NFC
Near Field Communication (NFC) is a short-range wireless connectivity standard (Ecma-340, ISO/IEC 18092) that uses magnetic field induction to enable communication between devices when they’re touched together, or brought within a few centimeters of each other.
A wireless connectivity technology primarily used in low-powered sports and fitness mobile devices is known as:
USB
WTLS
UAV
ANT
ANT
I think ANT stands for Advanced and Adaptive Network Technology, need a fact check
Which of the answers listed below refers to a security countermeasure that allows erasing data on a lost or stolen mobile device?
Remote lock
Degaussing
Low-level formatting
Remote wipe
Remote wipe