Practice Test Flashcards
Want to see how well you're doing? Check out this assessment test, ripped straight from the text. (Questions 24 and 28 have been omitted.)
The org that Chris works for has disabled automatic updates. What is the MOST common reason for disabling automatic updates for org systems?
To avoid issues with problematic patches and updates
What are the capabilities provided by S/MIME when it is used to protect attachments for email?
Message integrity, nonrepudiation, and authentication
What wireless tech is most frequently used for wireless payment solutions?
Near-field Communications
What is the least volatile according to the forensic order of volatility?
Logs
Ed wants to trick a user into connecting to his evil twin access point. What type of attack should he conduct to increase his chances of the user connecting to it?
A Disassociation Attack
What term is used to describe wireless site surveys that show the relative power of access points on a diagram of the building or facility?
Heat Maps
What hardware device is used to create the hardware root of trust for modern desktops and laptops?
The TPM
Elenora runs the following code in Linux:
cat example.txt example2.txt
What will happen?
The contents of both [example.txt] and [example2.txt] will be displayed on the terminal
Angela wants to prevent users in her org from changing their passwords repeatedly after they have been changed, so that they can just reuse their current password. What two PW security settings does she need to implement to make this occur?
Set a password history and a minimum password age
Chris wants to run a RAID that is a mirror of two disks. What RAID level does he need to implement?
RAID 1
The power company that Glenn works for builds their distribution nodes into structures that appear to be houses or other buildings appropriate for their neighborhoods. What type of security control is this?
Industrial Camouflage
What are the common constraints of embedded and specialized systems?
Lower computational power, lack of network connectivity, and the inability to patch
Gary is reviewing his systems SSH logs and see logins for the user named “Gary” with passwords like [password1], [passsw0rd], and [PassworD]. What type of attack has Gary discovered?
Dictionary Attack
Kathleen wants to set up a system that allows access into a high-security zone from a low-security zone. What type of solution should she configure first?
A Jump Box
Derek’s org securely shreds all documents before they are disposed of, and secures their trash. What info gathering technique are they attempting to prevent?
Dumpster Diving