Quiz 2 Flashcards
True or False: You are able to access hardware directly from all applications on a computer.
False
True or False: Granting full control to a Windows share to a user ensures that the user has access to the underlying files in the share.
False
True or False: In an offline dictionary attack, the attacker gains access to a password file and compares these password hashes against hashes of commonly used passwords.
True
True or False: An applicant applies to a registration authority (RA) to become a subscriber of a credential service provider (CSP).
True
True or False: An assurance level of 2 means that the organization has a high confidence in the validity of the asserted identity and is appropriate to enable clients or employees to access restricted services of high but not the highest value.
False
True or False: The salt value can prevent duplicate passwords from being visible in the password file.
True
True or False: Biometrics prevent replay attacks.
False
True or False: Compromise of OS means an attacker potentially has access to everything.
True
True or False: A reactive password checking strategy is one in which the system periodically runs its own password cracker to find guessable passwords.
True
What is required to trust an operating system or TCB?
a) Complete mediation
b) Tamper Proof
c) Correct
d) All of the above
e) None of the above
d) All of the above
The Java Virtual Machine is an example of:
a) Native virtualization
b) Application virtualization
c) Host virtualization
d) All of the above
e) None of the Above
b) Application virtualization
Security concerns that result from the use of virtualized systems include ______.
a) guest OS isolation
b) guest OS monitoring by the hypervisor
c) virtualized environment security
d) all of the above
d) all of the above
A hypervisor accomplishes the following:
a) It coordinates guest OS access to memory and storage
b) It coordinates guest OS access to the CPU
c) It provides a similar hardware interface as that seen by an OS directly executing on the actual hardware.
d) All of the above
e) None of the Above
d) All of the above
A _____________ occurs when an attacker targets a distinct account and submits password guesses until the correct password is discovered. The standard countermeasure is an account lockout mechanism, which locks out access to the account after a number of failed login attempts. Typical practice is no more than five access attempts.
a) Specific account attack
b) Popular Password Attack
c) Workstation hijacking
d) Offline dictionary attack
e) All of the above
f) None of the Above
a) Specific account attack
What are some common issues with compiling a dictionary of bad passwords and then preventing a user from using a password in that list?
a) Space limitations – this dictionary could be quite large.
b) Time – it could take a long time to search all of the entries in this dictionary.
c) Security – This dictionary could easily be exploited to create a rainbow table.
d) All of the above
e) A and B
f) None of the Above
e) A and B
What are the basic steps in the process of securing an operating system?
a) Install and patch the operating system.
b) Removing unnecessary services, applications.
c) Configuring resource controls.
d) All of the above
e) None of the Above
d) All of the above
Which of the following are means of authenticating a user’s identity?
a) Something the individual knows
b) Something the individual possesses
c) Something the individual is
d) Something the individual does
e) All of the above
f) A and B
g) None of the Above
e) All of the above
Which of these methods have been shown to allow hackers access to “secure” memory belonging to the OS?
a) Modification of firmware by Thunderstrike malware via malicious devices that connect via Mac’s Thunderbolt interface
b) Exploiting the ‘refresh’ mechanism of Dynamic RAM for privilege escalation
c) Exploiting OS buffer overflow vulnerabilities
d) All of the above
e) A and B
d) All of the above
You just got a new job at Codecademy. Users get access to a limited terminal shell environment that you host for them so that they can learn to code. They can write to files, change files, and host images and other content. Multiple users can have one of these environments on a single shared machine at any given time.
This is implemented using a customer-facing process that you want to make sure is properly isolated from the rest of your system, so that users can’t interfere with each other and only have access to their own file system environment for editing their code. Which of these tools would enable this?
a) Process priority values
b) Chroot jail
c) Tcpdump
d) Packet filter
e) None of the Above
b) Chroot jail
True or False: Information on group membership is stored in the /etc/passwd file.
False