Practice test

Question 1

The Brewer-Nash model

Answer 1

Chinese wall-Conflicts of interest pertain to accessing company-sensitive information from different companies that are in direct competition with one another

Question 2

The Digital Signature Standard approves three encryption algorithms for use in digital signatures

Answer 2

the Digital Signature Algorithm (DSA); the Rivest, Shamir, Adleman (RSA) algorithm; and the Elliptic Curve DSA (ECDSA) algorithm.

Question 3

In the subject/object model of access control, the user or process making the request for a resource is the …..of that request. In this example, Harry is requesting resource access and is, therefore, the subject.

Answer 3

subject

Question 4

The use of a sandbox is an example of ……

Answer 4

confinement

Question 5

What concept describes the degree of confidence that an organization has that its controls satisfy security requirements

Answer 5

Assurance

Question 6

The Simple Integrity Property

Answer 6

states that an individual may not read a file classified at a lower security level than the individual’s security clearance.

Question 7

The Trusted Platform Module (TPM)

Answer 7

is a hardware security technique that stores an encryption key on a chip on the motherboard and prevents someone from accessing an encrypted drive by installing it in another computer.

Question 8

A preaction fire suppression system activates in two steps.

Answer 8

The pipes fill with water once the early signs of a fire are detected. The system does not dispense water until heat sensors on the sprinkler heads trigger the second phase.

Question 9

The *-Security Property

Answer 9

The *-Security Property states that an individual may not write to a file at a lower classification level than that of the individual. This is also known as the confinement property

Question 10

The Diffie-Hellman algorithm allows

Answer 10

allows for the secure exchange of symmetric encryption keys over a public network.

Question 11

Protection Profiles (PPs) specify the ……… and protections that must be in place for a product to be accepted under the ….

Answer 11

security requirements &Common Criteria.

Question 12

……. says that a cryptographic system should be secure even if everything about the system, except the key, is public knowledge.

Answer 12

Kerckhoff’s principle

Question 13

The *-Integrity Property

Answer 13

states that a subject cannot modify an object at a higher integrity level than that possessed by the subject.

Question 14

Covert channel

Answer 14

A method used to pass information over a path not normally used for communication.

Question 15

Time of use:

Answer 15

The time at which a subject can access an object.

Question 16

Parameter checking

Answer 16

A method that can help prevent buffer overflow attacks.

Question 17

Race condition

Answer 17

The exploitation of difference between time of check and time of use.

Question 18

The Ready state is used when

Answer 18

a process is prepared to execute but the CPU is not available

Question 19

The Running state

Answer 19

is used when a process is executing on the CPU

Question 20

The Waiting state

Answer 20

is used when a process is blocked waiting for an external event.

Question 21

The Stopped state is

Answer 21

s used when a process terminates

Question 22

EAL1 evaluation assurance level under the Common Criteria

Answer 22

EAL1 assurance applies when the system in question has been functionally tested. It is the lowest level of assurance under the Common Criteria.

Question 23

Multistate systems

Answer 23

are certified to handle data from different security classifications simultaneously by implementing protection mechanisms that segregate data appropriately.

Question 24

The verification process is similar to the certification process in that it validates security controls

Answer 24

Verification may go a step further by involving a third-party testing service and compiling results that may be trusted by many different organizations. Accreditation is the act of management formally accepting an evaluating system, not evaluating the system itself.

Question 25

Process … ensures that any behavior will affect only the memory and resources associated with a process.

Answer 25

isolation

Question 26

Class A fire extinguishers

Answer 26

are useful only against common combustible materials

Question 27

Class B extinguishers are

Answer 27

are for liquid fires.

Question 28

Class C extinguishers

Answer 28

are for electrical fires

Question 29

Class D fire extinguishers

Answer 29

are for combustible metals.

Question 30

The TEMPEST program

Answer 30

reates technology that is not susceptible to Van Eck phreaking attacks because it reduces or suppresses natural electromagnetic emanations.

Question 31

Trusted Computing Base

Answer 31

is a small subset of the system contained within the kernel that carries out critical system activities.

Question 32

What physical security control broadcasts false emanations constantly to mask the presence of true electromagnetic emanations from computing equipment

Answer 32

White noise

Question 33

Multithreading

Answer 33

permits multiple tasks to execute concurrently within a single process. These tasks are known as threads and may be alternated between without switching processes.

Question 34

Heartbeat sensors

Answer 34

send periodic status messages from the alarm system to the monitoring center. The monitoring center triggers an alarm if it does not receive a status message for a prolonged period of time, indicating that communications were disrupted.

Question 35

Soda acid and other dry powder extinguishers work to remove the….

Answer 35

fuel supply

Question 36

While halon and carbon dioxide remove the … supply from a fire.

Answer 36

oxygen

Question 37

The of a ….of the limits set on the memory addresses and resources that the process may access.

Answer 37

bounds

Question 38

….. motion detectors monitor the electromagnetic field in a monitored area, sensing disturbances that correspond to motion.

Answer 38

Capacitance

Question 39

The …… is responsible for coordinating access to physical hardware and enforcing isolation between different virtual machines running on the same physical platform

Answer 39

hypervisor

Question 40

The …model of composition theory occurs when one system provides input for a second system and then the second system provides input for the first system. This is a specialized case of the cascading model, so the feedback model is the most appropriate answer.

Answer 40

feedback

Question 41

Data center humidity should be maintained between …and …. Values below this range increase the risk of static electricity, while values above this range may generate moisture that damages equipment.

Answer 41

40% and 60%

Question 42

……uses a black box approach to hide the implementation details of an object from the users of that object.

Answer 42

Abstraction

Question 43

Capability tables list the ……assigned to subjects and identify the objects that …… can access

Answer 43

privileges subjects

Question 44

Access control lists….

Answer 44

are object-focused rather than subject-focused.

Question 45

OAuth

Answer 45

is used to log into third-party websites using existing credentials

Question 46

During the Kerberos authentication process, the steps take place in the following order

Answer 46

E. User provides authentication credentials
C. Client/TGS key generated
B. TGT generated
A. Client/server ticket generated
D. User accesses service

Question 47

A …….is a transitive trust between parts of a domain tree or forest that shortens the trust path

Answer 47

shortcut trust

Question 48

a …….is a transitive trust between two forest root domains,

Answer 48

forest trust

Question 49

an … is a nontransitive trust between AD domains in separate forests.

Answer 49

external trust

Question 50

Kerberos, Active Directory Federation Services (ADFS), and Central Authentication Services (CAS) are all ….implementations

Answer 50

SSO

Question 51

When the owner of a file makes the decisions about who has rights or access privileges to it, they are using …….access control

Answer 51

discretionary

Question 52

….controls would grant access based on a subject’s role

Answer 52

Role-based access

Question 53

….. access controls apply a fixed set of rules to an environment to manage access. …. access controls include rule-, role-, and lattice-based access controls.

Answer 53

Nondiscretionary

Question 54

Mandatory access control systems are based on a ……

Answer 54

lattice-based model.

Question 55

….. is an AAA protocol used to provide authentication and authorization; it’s often used for modems, wireless networks, and network devices

Answer 55

RADIUS

Question 56

…. is the Extensible Authentication Protocol, an authentication framework often used for wireless networks.

Answer 56

EAP

Question 57

……..access controls match permissions to resources like a storage volume. Resource-based access controls are becoming increasingly common in cloud-based infrastructure as a service environments

Answer 57

Resource-based

Question 58

By default, RADIUS uses …… and only encrypts passwords. RADIUS supports TCP and TLS, but this is not a default setting

Answer 58

UDP

Question 59

…. occurs when users retain from roles they held previously rights they do not need to accomplish their current job

Answer 59

Privilege creep

Question 60

…… occur when two or more processes need to access the same resource in the right order.

Answer 60

Race conditions

Question 61

….. is a CPU architecture feature that allows the use of otherwise unused cycles,

Answer 61

out-of-order execution

Question 62

The stored sample of a biometric factor is called a …….

Answer 62

reference profile or a reference template

Question 63

……., is an XML-based language designed to allow platforms to generate and respond to provisioning requests

Answer 63

Service Provisioning Markup Language, or SPM

Question 64

… is used to make authorization and authentication data

Answer 64

SAML

Question 65

….. is used to describe access controls.

Answer 65

XACML

Question 66

…. is a messaging protocol and could be used for any XML messaging but is not a markup language itself

Answer 66

SOAP, or Simple Object Access Protocol,

Question 67

….. series of standards covers directory services.

Answer 67

The X.500

Question 68

By default, in what format does OpenLDAP store the value of the user Password attribute

Answer 68

In the clear

Question 69

….errors occur when a valid subject is not authenticated

Answer 69

Type 1

Question 70

… errors occur in biometric systems when an invalid subject is incorrectly authenticated as a valid user

Answer 70

Type 2

Question 71

….is the process of determining what a user is allowed to do

Answer 71

Authorization

Question 72

When you input a username and password, you are ….. yourself by providing a unique identifier and a verification that you are the person who should have that identifier (the password)

Answer 72

authenticating

Question 73

…… is the eXtensible Access Control Markup Language, not a type of attack

Answer 73

XACML

Question 74

……… authentication relies on facts or data that the user already knows that can be used to create questions they can answer on an as-needed basis (for example, a previous address, or a school they attended).

Answer 74

Dynamic knowledge-based

Question 75

……… relies on an alternate channel like a phone call or text message

Answer 75

Out-of-band identity proofing

Question 76

…..authentication factors are biometric, or “something you are,” rather than knowledge based.

Answer 76

Type 3

Question 77

…. are procedures and the policies from which they derive. They are based on regulations, requirements, and the organization’s own policies.

Answer 77

Administrative access controls

Question 78

…. access controls return an environment to its original status after an issue

Answer 78

Corrective

Question 79

…. are technical access controls that rely on hardware or software to protect systems and data.

Answer 79

Logical controls

Question 80

…controls are used in addition to or as an alternative to other controls

Answer 80

Compensating

Question 81

…… is a table that lists objects, subjects, and their privileges.

Answer 81

An access control matrix

Question 82

….. focus on objects and which subjects can access them

Answer 82

Access control lists

Question 83

…list subjects and what objects they can access.

Answer 83

Capability tables

Question 84

….. supports TLS over TCP. ….does not have a supported TLS mode over

Answer 84

RADIUS

Question 85

Verifying information that an individual should know about themselves using third-party factual information (a ….) is sometimes known as dynamic knowledge-based authentication

Answer 85

Type 1 authentication factor

Question 86

Type 2 authentication factor

Answer 86

something u have

Question 87

… is a federated identity solution designed to allow web-based SSO

Answer 87

Shibboleth

Question 88

…..is a federated identity solution designed to allow web-based SSO

Answer 88

Shibboleth

Question 89

…. is an open-source project designed to provide users with control over the release of their identity information.

Answer 89

Higgins

Question 90

….. typically require a challenge to be entered on the token to allow it to calculate a response, which the server compares to the response it expects.

Answer 90

Asynchronous tokens

Question 91

….., such as Google Authenticator, use a time-based algorithm that generates a constantly changing series of codes

Answer 91

Synchronous soft tokens

Question 92

…. for LDAP provides support for a range of authentication types, including secure methods

Answer 92

The Simple Authentication and Security Layer (SASL)

Question 93

…. controls help cover for issues with primary controls or improve them

Answer 93

Compensation

Question 94

….. which is used to return operations to normal function after a failure.

Answer 94

recovery control,

Question 95

…. testing modifies a program in small ways and then tests that mutant to determine if it behaves as it should or if it fails. This technique is used to design and test software tests through mutation

Answer 95

Mutation

Question 96

… code analysis and regression testing are both means of testing code, whereas code auditing is an analysis of source code rather than a means of designing and testing software tests.

Answer 96

Static

Question 97

….are document-based artifacts like policies or designs,

Answer 97

Specifications

Question 98

…are actions that support an information system that involves people,

Answer 98

activities

Question 99

an …….is one or more people applying specifications, mechanisms, or activities.

Answer 99

individual

Question 100

A …. or … box penetration test provides all of the information an attacker needs,

Answer 100

crystal

Question 101

A …. or … box penetration test provides all of the information an attacker needs,

Answer 101

crystal

Question 102

WPA2 enterprise uses …… authentication for users rather than a preshared key.

Answer 102

RADIUS

Question 103

…. is used to ensure that software modules properly meet interface specifications and thus will properly exchange data.

Answer 103

Interface testing

Question 104

…. tests software in a running environment

Answer 104

Dynamic testing

Question 105

…..fuzzing relies on models for application input and conducts fuzzing attacks based on that information

Answer 105

Generational

Question 106

… based fuzzers are sometimes called “dumb” fuzzers because they simply mutate or modify existing data samples to create new test samples.

Answer 106

Mutation

Question 107

…. logs are used in troubleshooting specific software packages as they perform their functions

Answer 107

trace

Question 108

…., also often called network flows, are captured to provide insight into network traffic for security, troubleshooting, and performance management.

Answer 108

Flows

Question 109

….ogging provides information about events on the routers

Answer 109

Audit

Question 110

A …….is often used to provide insight into how well testing covered the set of use cases that an application is being tested for.

Answer 110

test coverage analysis

Question 111

Testing how a system could be ….., focuses on behaviors that are not what the organization desires or that are counter to the proper function of a system or application

Answer 111

misused, or misuse testing

Question 112

….. is used to verify whether a desired functionality works.

Answer 112

Use case testing

Question 113

….is used to determine how code handles variables that change over time

Answer 113

Dynamic testing

Question 114

…… uses emulated or recorded transactions to monitor for performance changes in response time, functionality, or other performance monitors

Answer 114

Synthetic monitoring

Question 115

…… uses a span port or other method to copy traffic and monitor it in real time.

Answer 115

Passive monitoring

Question 116

……. is a passive monitoring technique that records user interaction with an application or system to ensure performance and proper application behavior.

Answer 116

Real user monitoring (RUM)

Question 117

…. can help identify rogue devices by capturing MAC address vendor

Answer 117

Passive scanning

Question 118

…. which is a type of functional or unit testing, tests to ensure that changes have not introduced new issues

Answer 118

Regression testing,

Question 119

… testing checks to see whether a change has had the effect it was supposed to,

Answer 119

Nonregression

Question 120

…focuses on simple problems with impact on critical functionality

Answer 120

smoke testing

Question 121

……a vulnerability is a commonly used key performance indicator for security teams

Answer 121

Time to remediate

Question 122

….. measures how long a packet can exist in hops,

Answer 122

Time to live

Question 123

….. is a measure used to determine how important a service or system is to an organization

Answer 123

business criticality

Question 124

…… are used to measure how effective code testing is

Answer 124

coverage rates

Question 125

…… are used to measure how effective code testing is

Answer 125

coverage rates

Question 126

…… are all important to test when performing software testing

Answer 126

Application programming interfaces (APIs), user interfaces (UIs), and physical interfaces

Question 127

….is used to describe the security condition of a system

Answer 127

The Open Vulnerability and Assessment Language (OVAL)

Question 128

……..is used to create security checklists in a standardized fashion.

Answer 128

The Extensible Configuration Checklist Description Format (XCCDF)

Question 129

……is titled “Assessing Security and Privacy Controls in Federal Information Systems and Organizations: Building Effective Assessment Plans,” and covers methods for assessing and measuring controls.

Answer 129

NIST SP 800-53A

Question 130

….. is an introduction to computer security

Answer 130

NIST 800-12

Question 131

… covers contingency planning,

Answer 131

800-34

Question 132

….is the “Guide to Integrating Forensic Techniques into Incident Response.

Answer 132

800-86

Question 133

…. is a detailed code review that steps through planning, overview, preparation, inspection, rework, and follow-up phases.

Answer 133

Fagan testing

Question 134

….. involves testing system or application components to ensure that they work properly together.

Answer 134

Interface testing

Question 135

……… component of SCAP provides a consistent way to refer to operating systems and other system components

Answer 135

The Common Platform Enumeration (CPE)

Question 136

…….helps describe the root causes of software flaws

Answer 136

The Common Weaknesses Enumeration (CWE) component

Question 137

….. standardizes steps of the vulnerability assessment process.

Answer 137

The Open Vulnerability and Assessment Language (OVAL)

Question 138

Windows defines five types of events: …, which indicate a significant problem; … which may indicate future problems;.., which describes successful operation; …, which record successful security accesses; and ….audits, which record failed security access attempts.

Answer 138

errors,warnings, information,success audits,failure

Question 139

…coverage tests verify that every line of code was executed during the test.

Answer 139

Statement

Question 140

… verifies that every if statement was executed under all if and else if conditions

Answer 140

Branch coverage

Question 141

….coverage verifies that every logical test in the code was executed under all sets of inputs.

Answer 141

Condition

Question 142

…coverage verifies that every function in the code was called and returns results.

Answer 142

Function

Question 143

… is the process of reviewing code without running it.

Answer 143

Static analysis

Question 144

…… use language beyond typical use case diagrams, including threatens and mitigates

Answer 144

Misuse case diagrams

Question 145

….are the documents associated with the system being audited. …. generally include policies, procedures, requirements, and designs.

Answer 145

Specifications

Question 146

…. is a description of the level of interaction between objects

Answer 146

Coupling

Question 147

….is the strength of the relationship between the purposes of methods within the same class.

Answer 147

Cohesion

Question 148

…… attacks exploit the trust that sites have in a user’s browser by attempting to force the submission of authenticated requests to third-party sites.

Answer 148

Cross-site request forgery (XSRF or CSRF)

Question 149

…. summarize large amounts of data and provide only summary information as a result. When carefully crafted… may unintentionally reveal sensitive information.

Answer 149

Aggregate functions

Question 150

…. summarize large amounts of data and provide only summary information as a result. When carefully crafted… may unintentionally reveal sensitive information.

Answer 150

Aggregate functions

Question 151

…. ensures that records exist in a secondary table when they are referenced with a foreign key from another table. Foreign keys are the mechanism used to enforce ….

Answer 151

Referential integrity

Question 152

…. ensures that records exist in a secondary table when they are referenced with a foreign key from another table. Foreign keys are the mechanism used to enforce ….

Answer 152

Referential integrity

Question 153

….l ensures that changes to software versions are made in accordance with the change and …..

Answer 153

Configuration contro

Question 154

… is a security issue that arises when a collection of facts has a higher classification than the classification of any of those facts standing alone

Answer 154

Aggregation

Question 155

An ….problem occurs when an attacker can pull together pieces of less sensitive information and use them to derive information of greater sensitivity

Answer 155

inference

Question 156

….configuration may be appropriate in this case. In this configuration, the firewall would continue to pass traffic without inspection while it is restarting. This would minimize downtime, and the traffic would still be protected by the other security controls described in the scenario

Answer 156

A fail open

Question 157

… that user-supplied input does not violate security conditions and is the most effective defense against cross-site scripting attacks.

Answer 157

Input validation verifies

Question 158

… is a form of input validation, but it is used to ensure that numeric input falls within an acceptable range and is not applicable against cross-site scripting attacks

Answer 158

Bounds checking

Question 159

… requires that once a transaction is committed to the database it must be preserved

Answer 159

Durability

Question 160

…. ensures that if any part of a database transaction fails, the entire transaction must be rolled back as if it never occurred.

Answer 160

Atomicity

Question 161

… ensures that all transactions are consistent with the logical rules of the database, such as having a primary key.

Answer 161

Consistency

Question 162

….reviews are often done via email or using a central code review system, allowing developers to review code asynchronously.

Answer 162

Pass around

Question 163

is a formal review process that would involve both the developer and a team to review the code using a formal process.

Answer 163

Fagan inspection

Question 164

….occur when one transaction writes a value to the database that overwrites a value needed by transactions that have earlier precedence, causing those transactions to read an incorrect value.

Answer 164

Lost updates

Question 165

…occur when one transaction reads a value from a database that was written by another transaction that did not commit

Answer 165

Dirty reads

Question 166

….charts use nodes to represent milestones or deliverables and then show the estimated time to move between milestones

Answer 166

PERT

Question 167

….. use a different format with a row for each task and lines showing the expected duration of the task.

Answer 167

Gantt charts

Question 168

…… structures are an earlier deliverable that divides project work into achievable tasks. Wireframe diagrams are used in web design.

Answer 168

Work breakdown

Question 169

…….. is performed after developers make changes to an application. It reruns a number of test cases and compares the results to baseline results. Orthogonal array testing is a method for generating test cases based on statistical analysis

Answer 169

Regression testing

Question 170

… uses records of past software bugs to inform the analysis

Answer 170

Pattern testing

Question 171

….develops a matrix of all possible inputs and outputs to inform the test plan.

Answer 171

Matrix testing

Question 172

….testing is a method for generating test cases based on statistical analysis

Answer 172

Orthogonal array

Question 173

…..attacks may take advantage of the use of reflected input in a web application where input provided by one user is displayed to another user.

Answer 173

Cross-site scripting (XSS)

Question 174

….nti-malware software has a higher likelihood of detecting a zero-day exploit than signature-based methods. Heuristic-based software does not require frequent signature updates because it does not rely upon monitoring systems for the presence of known malware. The trade-off with this approach is that it has a higher false positive rate than signature detection methods.

Answer 174

Heuristic-based a

Question 175

….. store is an example of a NoSQL database that does not follow a relational or hierarchical model like traditional databases. A graph database is another example of a NoSQL database, but it uses nodes and edges to store data rather than keys and values.

Answer 175

A key-value

Question 176

… approach prevents any activity from taking place during a system security failure and is the most conservative approach to failure management.

Answer 176

The fail closed

Question 177

…. allows the storage of multiple different pieces of information in a database at different classification levels to prevent attackers from inferring anything about the absence of information

Answer 177

Polyinstantiation

Question 178

….viruses use multiple propagation mechanisms to spread between systems. This improves their likelihood of successfully infecting a system because it provides alternative infection mechanisms that may be successful against systems that are not vulnerable to the primary infection mechanism.

Answer 178

Multipartite

Question 179

A …..is a false vulnerability in a system that may attract an attacker

Answer 179

pseudoflaw

Question 180

A ….. is a segment of unused network address space that should have no network activity and, therefore, may be easily used to monitor for illicit activity

Answer 180

darknet

Question 181

……separates the control plane from the data plane.

Answer 181

Software-defined networking

Question 182

….. contain an entry for every network communication session that took place on a network and can be compared to a list of known malicious hosts.

Answer 182

netflow

Question 183

is used to ensure that one person does not obtain two privileges that would create a potential conflict

Answer 183

segregation of duties

Question 184

…… is a term used to describe the unintentional accumulation of privileges over time, also known as privilege creep

Answer 184

Aggregation

Question 185

… performs four functions. One of those, write blocking, intercepts write commands sent to the device and prevents them from modifying data on the device. The other three functions include returning data requested by a read operation, returning access-significant information from the device, and reporting errors from the device back to the forensic host.

Answer 185

A forensic disk controller

Question 186

The ….on will then copy all files modified since the last full backup.

Answer 186

differential backup

Question 187

….. framework focuses on IT service management.

Answer 187

The IT Infrastructure Library (ITIL)

Question 188

….provides a common core of project management expertise

Answer 188

The Project Management Body of Knowledge (PMBOK)

Question 189

…. focuses on IT architecture issues.

Answer 189

The Open Group Architecture Framework (TOGAF)

Question 190

An attack committed against an organization by an insider, such as an employee, is known as …

Answer 190

sabotage.

Question 191

… identifies the maximum amount of data, measured in time, that may be lost during a recovery effort

Answer 191

The recovery point objective (RPO)

Question 192

…. environment, the vendor is responsible for hardware- and network-related responsibilities. These include configuring network firewalls, maintaining the hypervisor, and managing physical equipment. The customer retains responsibility for patching operating systems on its virtual machine instances.

Answer 192

In an infrastructure as a service

Question 193

…. environment, the vendor is responsible for hardware- and network-related responsibilities. These include configuring network firewalls, maintaining the hypervisor, and managing physical equipment. The customer retains responsibility for patching operating systems on its virtual machine instances.

Answer 193

In an infrastructure as a service

Question 194

…. is the set of systems that could cause a collision if they transmitted at the same time.

Answer 194

A collision domain

Question 195

….. protocols use metrics including the direction and distance in hops to remote networks to make decisions. ….routing protocol considers the shortest distance to a remote network

Answer 195

Distance-vector,A link-state

Question 196

…. is a distributed denial-of-service attack (DDoS) that spoofs a victim’s IP address to systems using an IP broadcast, resulting in traffic from all of those systems to the target.

Answer 196

Smurf attack

Question 197

…. is a distributed denial-of-service attack (DDoS) that spoofs a victim’s IP address to systems using an IP broadcast, resulting in traffic from all of those systems to the target.

Answer 197

Smurf attack

Question 198

…… can operate at speeds over 200 Mbps, and it can operate on both the 2.4 and 5 GHz frequency range. .. ..operates at 54 Mbps using the 2.4 GHz frequency range, and … is capable of 1 Gbps using the 5 GHz range. 802.11a and b are both outdated and are unlikely to be encountered in modern network installations.

Answer 198

802.11n,802.11g,802.11ac

Question 199

…… can operate at speeds over 200 Mbps, and it can operate on both the 2.4 and 5 GHz frequency range. .. ..operates at 54 Mbps using the 2.4 GHz frequency range, and … is capable of 1 Gbps using the 5 GHz range. 802.11a and b are both outdated and are unlikely to be encountered in modern network installations.

Answer 199

802.11n,802.11g,802.11ac

Question 200

802.1x provides …… authentication and can be used with technologies like EAP, the Extensible Authentication Protocol. 802.11a is a wireless standard, 802.3 is the standard for Ethernet, and 802.15.1 was the original Bluetooth IEEE standard.

Answer 200

port-based,

Question 201

SPIT stands for Spam over Internet Telephony and targets ….

Answer 201

VoIP systems.

Question 202

SPIT stands for Spam over Internet Telephony and targets ….

Answer 202

VoIP systems.