Security+ 501 Test 1 Flashcards

1
Q
  1. What do you use to encrypt a message to send to someone? 2. What do they use to decrypt it?
A
  1. Public Key
  2. Private Key

2
Q

Which of the following secure e-mail protocols is carried over an SSL or TLS connection and uses TCP port 993?

A

IMAPS

3
Q

What is a server-side e-mail protocol and is not used over SSL or TLS?

A

SMTP (Simple Mail Transfer Protocol)

4
Q

What is a non-secure client-side e-mail protocol that uses TCP port 110?

A

POP3 (Post Office Protocol 3)

5
Q

What is a non-secure client-side e-mail protocol that uses TCP port 143?

A

IMAP4 (Internet Mail Access Protocol version 4)

6
Q

What form of Load Balancing assigns to each server in order, then returns to the first server?

A

Round Robin

7
Q

What form of Load Balancing keeps a client’s sessions connected to the server that’s keeping the session?

A

Affinity Scheduling

8
Q

What is a point-in-time backup of certain key configuration settings of a virtual machine, allowing the VM to be restored back to that point in time if it suffers a crash or other issue?

A

Snapshot

9
Q

What is a Microsoft Windows type of backup that backs up critical files used by the operating system to restore it in the event of a system crash or other issue?

A

System State Backup

10
Q

What protocols would you use to encrypt VPN traffic?

A

IPsec

11
Q

What port does DNS use?

A

TCP and UDP port 53

12
Q

What port does SSH use?

A

22

13
Q

What port does SMTP use?

A

25

14
Q

What port does HTTP use?

A

80

15
Q

What technique separates applications from one another and does not allow them to share execution, user, or data space?

A

Sandboxing

16
Q

What technique enables an administrator to determine which applications and other software the user is allowed to install and execute?

A

Whitelisting

17
Q

What technique is used to separate different sensitivities of data, such as corporate and personal data on a mobile device?

A

Containerization

18
Q

What is a method that enables administrators to restrict users from installing and executing certain applications?

A

Blacklisting

19
Q

Which of the following is a key agreement protocol used in public-key cryptography?

A

Elliptic Curve Diffie-Hellman (ECDH)

20
Q

What is the most common public-private key generation algorithm used in public-key cryptography? It is used to generate a public and private key pair.

A

RSA (Rivest-Shamir-Adleman)

21
Q

What is used to generate message digests for plaintext? It is not used in public-key cryptography to exchange keys or establish secure sessions.

A

SHA-2

22
Q

Which of the following concepts should be the most important consideration when determining how to budget properly for security controls?

A

Risk and Impact

23
Q

What form of authentication passes credentials in clear text and is not recommended for use?

A

PAP

24
Q

What form of authentication uses password hashes and challenge methods to authenticate to the system? Passwords are not passed in clear text with this protocol.

A

CHAP (Challenge Handshake Authentication Protocol)

25
Q

What form of authentication is a modern authentication framework that can use various authentication methods for both wired and wireless networks? It also does not pass username and password information in clear text.

A

EAP (Extensible Authentication Protocol)

26
Q

(Blank) typically involves checking traffic on a network device based upon specific characteristics.

A

Filtering

27
Q

What is an older form of attack where a malicious/compromised Web site places invisible controls on a page, giving users the impression they are clicking some safe item that actually is an active control for something malicious?

A

Clickjacking

28
Q

(Blank) adds malicious information to HTTP headers?

A

Header Manipulation

29
Q

What type of attack means to add malicious information or code, often by using a Trojan horse?

A

Man-in-the-Browser

30
Q

(Blank) attempt to access privilege escalation by forcing a buffer to cause an error.

A

Buffer Overflows

31
Q

What is typically created for a single Web browsing session and is generally not carried across different sessions?

A

Session Cookies

32
Q

(Blank) cookies are saved and used between various Web sessions?

A

Persistent

33
Q

Which of the following enables a user to provide one set of credentials to the system and use those credentials throughout other interconnected systems?

A

Single Sign-On

34
Q

What method of authentication uses several different factors to authenticate to a system, such as something you know, something you are, and something you have.

A

Multi-Factor

35
Q

What method of authentication uses only one factor, such as something you know, to authenticate to a system. It can also be used in a single sign-on environment but is not required.

A

Single Factor

36
Q

What method of authentication can appear to be similar to single sign-on, but it requires all individual systems simply to accept credentials passed from another system without a unified approach.

A

Pass-through

37
Q

Which of the following authentication protocols uses a series of tickets to authenticate users to resources, as well as timestamps to prevent replay attacks?

A

Kerberos

38
Q

What is the error caused by rejecting an authorized user? It is also called a Type I error.

A

False Rejection Rate

39
Q

What is the error caused when an unauthorized user is validated as authorized, also referred to as a Type II error.

A

False Acceptance Rate

40
Q

Which two secure protocols protect traffic during transmission and use TCP port 443?

A

SSL and TLS

41
Q

Both SCP and SSH use which TCP port?

A

22

42
Q

UDP uses UDP port (blank) and is totally unsecure.

A

69

43
Q

If a person knows a control exists, and this control keeps him or her from performing a malicious act, what type of control would this be classified as?

A

Deterrent

44
Q

What control assists and mitigates the risk when an existing control is unable to do so?

A

Compensating

45
Q

What protocol uses a management information base (MIB) to provide detailed device-specific information to a central management console?

A

SNMP (Simple Network Management Protocol)

46
Q

What protocol is responsible for sending e-mail?

A

SMTP (Simple Mail Transport Protocol)

47
Q

(Blank) is a log server found in UNIX and Linux systems?

A

Syslog

48
Q

What is the process of marking a photo or other type of media with geographical location information using the GPS of a mobile device?

A

Geotagging

49
Q

(Blank) is the use of a device’s GPS features to determine device location, locate points of interest, and gather other useful information?

A

Geotagging

50
Q

(Blank) is the use of geolocation features to ensure that a mobile device does not leave specific areas of corporate property.

A

Geofencing

51
Q

Which type of network intrusion detection system (NIDS) develops a baseline of normal traffic so it can detect deviations in this traffic that might indicate an attack?

A

Anomaly-Based System

52
Q

Which type of network intrusion detection system (NIDS) uses predefined rule sets?

A

Rule-Based System

53
Q

Which type of network intrusion detection system (NIDS) uses routers and firewalls and bases detection on access control lists that specify traffic that is permitted and denied?

A

Filter-based systems

54
Q

Which type of network intrusion detection system (NIDS) uses predefined traffic signatures that are typically downloaded from a vendor?

A

Signature-based systems

55
Q

Which of the following is the simplest form of disaster recovery exercise?

A

The documentation review

56
Q

What form of disaster recovery exercise goes through the motions of fulfilling the responsibilities and conducting the activities required during an incident or disaster?

A

Walkthrough test

57
Q

In what form of disaster recovery exercise are all personnel usually involved, possibly conducting activities as they would during a real incident? This type of test is more complex and normally requires extensive resources, such as people and equipment, so it is typically conducted infrequently.

A

Full Scale

58
Q

Which of the following details the specific access levels that individuals or entities may have when interacting with objects?

A

ACL (Access Control List)

59
Q

For which of the following should employees receive training to establish how they are to treat information of different sensitivity levels?

A

Information Classification

60
Q

What policy instructs employees not to leave sensitive data unattended? It, as well as data disposal policies, can be included in the information and data handling policies, but these are very specific instances and don’t cover all information or all scenarios where an employee would be in a position to treat data with care.

A

Clean Desk Policy

61
Q

During which type of assessment would penetration testers not have any knowledge about the network and network defenders have no knowledge of the test itself?

A

Double-Blind Test

62
Q

During which type of assessment do only the testers have no knowledge of details about the network configuration? This type of test is also referred to as a blind test.

A

Black Box

63
Q

During which type of assessment may the penetration tester have some limited knowledge of the network or systems, gained from the organization that wants the test?

A

Gray Box

64
Q

Which of the following DES/AES encryption modes is considered the weakest?

A

ECB (Electronic Code Book)

65
Q

What type of filter can scan content as it leaves the network, checking for certain types of content that have been pre-specified within the software?

A

Content Filter

66
Q

What filters are used to catch and quarantine spam messages?

A

Antispam filters

67
Q

(Blank) are used to cache, or store, messages for speedy retrieval in the future?

A

Caching Proxy Servers

68
Q

(Blank) help control and block (when necessary) network traffic at the ingress and egress points?

A

Firewalls

69
Q

Which access control model enables a person who creates or owns objects to define permissions to access those objects?

A

Discretionary access control

70
Q

Which access control model uses labels and security clearances to grant access to objects?

A

Mandatory Access Control

71
Q

What type of organizations are the main users of an interconnection service agreement (ISA)?

A

Telecommunication Companies

72
Q

You have received reports that a number of hosts in your company’s internal network are sluggish and unresponsive. After troubleshooting other items, you decide to use a sniffer to examine the network traffic coming into the host. You see that massive amounts of ICMP broadcasts are being sent on the network. The switch is having trouble processing all of this traffic, due to repeated ICMP replies, causing it to slow down. What type of attack most likely caused this?

A

Flood attack

73
Q

What type of attack attempts to break into an existing communications session, and is not a denial-of-service attack?

A

Man-in-the-middle

74
Q

What type of attack is a form of social engineering attack using e-mail?

A

Phishing

75
Q

In which two ways are network hosts typically separated for security purposes?

A

physically and logically

76
Q

During which stage of a secure development model would you normally find steps such as requirements gathering, analysis, and diagram development?

A

Security Requirements

77
Q

During which stage of a secure development model would you normally find steps such as secure code review, fuzzing, and vulnerability assessments?

A

Security Testing

78
Q

During which stage of a secure development model is different security functionality designed into the application?

A

Security design

79
Q

During which stage of a secure development model are security requirements validated as implemented in the application?

A

Security Implementation

80
Q

When information is converted to an unreadable state using cryptography, in what form is the information?

A

Ciphertext

81
Q

A (blank) or message digest is a cryptographic representation of variable length text, but it is not the text itself.

A

Hash

82
Q

(Blank) is unencrypted text.

A

Plaintext

83
Q

What are valid methods to secure static hosts in an organization?

A

Application Level Firewalls, Network Segmentation, Layered Security

84
Q

The (Blank) is the maximum allowable amount of data (measured in terms of time) that the organization can afford to lose during a disaster or an incident.

A

RPO (Recovery Point Objective)

85
Q

Which of the following is a trusted OS?

  1. Ubuntu Linux
  2. SELinux
  3. Windows 10
  4. Windows Server
A
  1. SELinux
86
Q

Which of the following is the biggest risk involved in cloud computing?

  1. Lack of Control
  2. Lack of Availability
  3. Lack of Responsibility
  4. Lack of Accountability
A
  1. Lack of Control
87
Q

Which of the following is normally required to convert and read coded messages?

A

Codebook

88
Q

What can cause a successful attack on a system when a user enters malicious code or characters into a form field on a Web application?

A

Input Validation

89
Q

What formal management effort is designed to remediate security flaws discovered in applications and operating systems?

A

Patch Management

90
Q

What is the process of provisioning and maintaining user accounts on the system?

A

Account Management

91
Q

What is a formalized process that involves both long-term and short-term infrastructure changes, as well as configuration changes to hosts and networks?

A

Change Management

92
Q

What type of file, often sent with an e-mail message, can contain malicious code that can be downloaded and executed on a client’s computer?

A

HTML

93
Q

What is a simple script that is set to execute at a certain time that is usually created by rogue administrators or disgruntled employees?

A

Logic Bombs

94
Q

What is a piece of malicious software that must be propagated through a definite user action?

A

Virus

95
Q

What is a piece of software that seems to be of value to the user, but in reality is malware?

A

A Trojan Horse

96
Q

What causes usually annoying advertisements that come in the form of pop-up messages in a user’s browser?

A

Adware

97
Q

What is an application designed to create and initiate files on a host to provide a fully functional virtual machine?

A

Hypervisor

98
Q

What is software or a hardware appliance responsible for balancing user requests and network traffic among several different physical or virtualized hosts?

A

A Load Balancer

99
Q

Which type of cloud service is usually operated by a third-party provider that sells or rents “pieces” of the cloud to different entities, such as small businesses or large corporations, to use as they need?

A

Public

100
Q

Which type of cloud service is for use only by one organization and is usually hosted by that organization’s infrastructure?

A

Private

101
Q

Which type of cloud service is for use by similar organizations or communities, such as universities or hospitals, that need to share common data?

A

Community

102
Q

An attack in which an attacker attempts to disconnect a victim’s wireless host from its access point is called?

A

Deauthentication

103
Q

What type of attack involves impersonating a wireless client or access point, either through its IP or MAC address?

A

Spoofing

104
Q

What type of attack involves the reuse of intercepted non-secure credentials to gain access to a system or network?

A

Replay Attack

105
Q

What type of attack involves attempting to break WEP keys by targeting their weak IVs?

A

Initialization vector (IV) attacks

106
Q

Which of the following algorithms won the U.S. government-sponsored competition to become the Advanced Encryption Standard (AES)?

  1. RC4
  2. Blowfish
  3. Twofish
  4. Rijndael
A

4. Rijndael

107
Q

What is a variant of a phishing attack, where a phishing e-mail is sent to a high-value target instead of on a mass scale to all employees?

A

Whaling

108
Q

What type of attack involves targeting a particular type of user, regardless of rank in the organization, and basing the attack on more detailed, in-depth information in order to convince the target that the phishing e-mail is actually valid?

A

Spear phishing

109
Q

(Blank) is a form of phishing attack that takes place over Voice-over-IP (VoIP) telephone systems?

A

Vishing

110
Q

What network management protocol uses agents that respond to queries to report their status to a central program manager?

A

SNMP (Simple Network Management Protocol)

111
Q

What method of strengthening weak keys involves taking a weak initial key and feeding it to an algorithm that produces an enhanced key, which is much stronger?

A

Key Stretching

112
Q

This involves sending individual characters of the key through an algorithm and using the mathematical XOR function to change the output.

A

Key streaming

113
Q

What involves generating and exchanging an asymmetric key used for a particular communications session, or exchanging public keys in order to use them for public-key cryptography.

A

Key Exchange

114
Q

Your organization wants you to create and implement a policy that will detail the proper use of its information systems during work hours. Which of the following is the best choice?

A

Acceptable Use Policy

115
Q

What is an act performed by the company itself, and is not a user policy?

A

Due Care

116
Q

What type of agreements are made between a company and a third party, such as a contractor or a supplier?

A

Service Level Agreement

117
Q

Which of the following is a form of intentional interference with a wireless network?

A

Jamming

118
Q

What type of attack is a rogue wireless access point set up to be nearly identical to a legitimate access point.

A

Evil Twin

119
Q

What type of attack is a weak security measure designed to hide the broadcasting of a wireless network’s service set identifier.

A

SSID Cloaking

120
Q

What type of attack is an attempt to impersonate another host by using its MAC address.

A

MAC Spoofing

121
Q

Which of the following secure file copy protocols is used over an SSL or TLS connection?

A

FTPS

122
Q

(Blank) is a secure file transfer protocol used to copy files to and from an Internet-based host, and it also uses SSH.

A

SFTP

123
Q

(Blank) is a secure copy protocol used to copy files securely to and from a networked host, and it uses SSH.

A

SCP

124
Q

(Blank) is a non-secure protocol used to copy files to and from Internet-based hosts?

A

FTP

125
Q

In order, the steps of the incident response life cycle are preparation; detection and analysis; containment, eradication, and recovery; and post-incident activity

A
  1. preparation
  2. detection and analysis
  3. containment, eradication, and recovery
  4. post-incident activity
126
Q

What technologies allow devices to communicate with each other at very close range through radio signals by using a special chip implanted in the device, and may be vulnerable to eavesdropping and man-in-the-middle attacks?

A

NFC

127
Q

How many rounds does DES perform when it encrypts plaintext?

A

16

128
Q

What authentication protocol does RADIUS use?

A

UDP port 1812

129
Q

Which of the following security controls allows connectivity to a network based on the system’s hardware address?

A

MAC Filtering

130
Q

What policy settings prevent a user from rapidly changing passwords and cycling through his or her password history to reuse a password?

A

Minimum Password age

131
Q

Which of the following encryption protocols uses RC4 with small initialization vector sizes?

A

WEP

132
Q

Which of the following types of public-key cryptography uses a web of trust model?

A

PGP (Pretty Good Privacy)

133
Q

(Blank) is a key negotiation and agreement protocol that is used to exchange keys and establish a secure communications session.

A

DHE (Diffie-Hellman Exchange)

134
Q

What size WEP key did the original IEEE 802.11b specification use?

A

64-bit

135
Q

What network-connected systems can manage heating, ventilation, and air-conditioning controls?

A

SCADA (Supervisory control and data acquisition)

136
Q

What systems are antiquated computers that performed advanced tasks in the place of mainframe systems and are no longer widely in use?

A

Minicomputers

137
Q

Which term indicates the length of time a device is expected to last in operation, and only a single, definitive failure will occur and will require that the device be replaced rather than repaired?

A

MTTF (Mean Time to Failure)

138
Q

Which term represents the manufacturer’s best guess (based on historical data) regarding how much time will pass between major failures of that component. This assumes that more than one failure will occur, which means that the component will be repaired, rather than replaced.

A

MTBF (Mean Time Between Failure)

139
Q

Which term is the amount of time it takes for a hardware component to recover from failure.

A

MTTR (Mean Time to Recovery)

140
Q

Which of the following ports would be most likely to allow secure remote access into a system within a data center?

A

L2TP -> TCP Port 1701

141
Q

Risk assessment means evaluating which of the following elements?

A

Probability and Impact

142
Q

What fire suppression chemical was banned in 1987 and can no longer be used in data centers?

A

Halon

143
Q

Which of the following is a protocol used to obtain the status of digital certificates in public keys?

A

OCSP (Online Certificate Status Protocol)

144
Q

(Blank) is a public key cryptography protocol used on small mobile devices, due to its low power and computing requirements?

A

ECC (Elliptic Curve Cryptography)

145
Q

(Blank) is a key negotiation and agreement protocol used in public-key cryptography.

A

DHE (Diffie-Hellman Exchange)

146
Q

Which two utilities are specifically used to diagnose DNS issues?

A

Dig and NSLookup

147
Q

Wissa is updating a printer driver on a Windows system. She downloads the latest driver from the manufacturer’s Web site. When installing the driver, Windows warns that the driver is unsigned. To which of the following threats is Wissa exposing her system?

A

Refactoring

148
Q

Which type of assessment is used to determine weaknesses within a system?

A

Vulnerability assessment

149
Q

Which type of assessment looks at events that could exploit vulnerabilities.

A

Threat Assessment

150
Q

Which type of assessment is a combination of assessments and is designed to assess factors, including likelihood and impact, that affect an asset?

A

Risk Assessment

151
Q

Which type of assessment actually attempts to exploit any found weaknesses to gain access to systems.

A

Penetration Test

152
Q

Which of the following types of factors could be used to describe a fingerprint-based method of logging in and authenticating to a touchscreen device?

A

Something you are

153
Q

What size is the initialization vector (IV) for the Temporal Key Integrity Protocol (TKIP), used in the WPA standard?

A

48 bit

154
Q

Which of the following methods of log management involves visiting each individual host to review its log files?

A

Decentralized

155
Q

What port does LDAP (The Lightweight Directory Application Protocol) use?

A

TCP 389

156
Q

What is the biggest difference between EAP-TLS and EAP-TTLS?

A

EAP-TLS needs server and client certificates; EAP-TTLS only needs server certificates.