Security+ 501 Test 1 Flashcards
1. What do you use to encrypt a message to send to someone? 2. What do they use to decrypt it?
1. Public Key
2. Private Key
Which of the following secure e-mail protocols is carried over an SSL or TLS connection and uses TCP port 993?
IMAPS
What is a server-side e-mail protocol and is not used over SSL or TLS?
SMTP (Simple Mail Transfer Protocol)
What is a non-secure client-side e-mail protocol that uses TCP port 110?
POP3 (Post Office Protocol 3)
What is a non-secure client-side e-mail protocol that uses TCP port 143?
IMAP4 (Internet Mail Access Protocol version 4)
What form of Load Balancing assigns to each server in order, then returns to the first server?
Round Robin
What form of Load Balancing keeps a client’s sessions connected to the server that’s keeping the session?
Affinity Scheduling
What is a point-in-time backup of certain key configuration settings of a virtual machine, allowing the VM to be restored back to that point in time if it suffers a crash or other issue?
Snapshot
What is a Microsoft Windows type of backup that backs up critical files used by the operating system to restore it in the event of a system crash or other issue?
System State Backup
What protocols would you use to encrypt VPN traffic?
IPsec
What port does DNS use?
TCP and UDP port 53
What port does SSH use?
22
What port does SMTP use?
25
What port does HTTP use?
80
What technique separates applications from one another and does not allow them to share execution, user, or data space?
Sandboxing
What technique enables an administrator to determine which applications and other software the user is allowed to install and execute?
Whitelisting
What technique is used to separate different sensitivities of data, such as corporate and personal data on a mobile device?
Containerization
What is a method that enables administrators to restrict users from installing and executing certain applications?
Blacklisting
Which of the following is a key agreement protocol used in public-key cryptography?
Elliptic Curve Diffie-Hellman (ECDH)
What is the most common public-private key generation algorithm used in public-key cryptography? It is used to generate a public and private key pair.
RSA (Rivest-Shamir-Adleman)
What is used to generate message digests for plaintext? It is not used in public-key cryptography to exchange keys or establish secure sessions.
SHA-2
Which of the following concepts should be the most important consideration when determining how to budget properly for security controls?
Risk and Impact
What form of authentication passes credentials in clear text and is not recommended for use?
PAP
What form of authentication uses password hashes and challenge methods to authenticate to the system? Passwords are not passed in clear text with this protocol.
CHAP (Challenge Handshake Authentication Protocol)
What form of authentication is a modern authentication framework that can use various authentication methods for both wired and wireless networks? It also does not pass username and password information in clear text.
EAP (Extensible Authentication Protocol)
(Blank) typically involves checking traffic on a network device based upon specific characteristics.
Filtering
What is an older form of attack where a malicious/compromised Web site places invisible controls on a page, giving users the impression they are clicking some safe item that actually is an active control for something malicious?
Clickjacking
(Blank) adds malicious information to HTTP headers?
Header Manipulation
What type of attack means to add malicious information or code, often by using a Trojan horse?
Man-in-the-Browser
(Blank) attempt to achieve privilege escalation by forcing a buffer to cause an error.
Buffer Overflows
What is typically created for a single Web browsing session and is generally not carried across different sessions?
Session Cookies
(Blank) cookies are saved and used between various Web sessions?
Persistent
Which of the following enables a user to provide one set of credentials to the system and use those credentials throughout other interconnected systems?
Single Sign-On
What method of authentication uses several different factors to authenticate to a system, such as something you know, something you are, and something you have?
Multi-Factor
What method of authentication uses only one factor, such as something you know, to authenticate to a system? It can also be used in a single sign-on environment but is not required.
Single Factor
What method of authentication can appear to be similar to single sign-on, but requires all individual systems simply to accept credentials passed from another system without a unified approach?
Pass-through
Which of the following authentication protocols uses a series of tickets to authenticate users to resources, as well as timestamps to prevent replay attacks?
Kerberos
What is the error caused by rejecting an authorized user? It is also called a Type I error.
False Rejection Rate
What is the error caused when an unauthorized user is validated as authorized? It is also referred to as a Type II error.
False Acceptance Rate
Which two secure protocols protect traffic during transmission and use TCP port 443?
SSL and TLS
Both SCP and SSH use which TCP port?
22
UDP uses UDP port (blank) and is totally unsecure.
69
If a person knows a control exists, and this control keeps him or her from performing a malicious act, what type of control would this be classified as?
Deterrent
What control assists and mitigates the risk when an existing control is unable to do so?
Compensating
What protocol uses a management information base (MIB) to provide detailed device-specific information to a central management console?
SNMP (Simple Network Management Protocol)
What protocol is responsible for sending e-mail?
SMTP (Simple Mail Transport Protocol)
(Blank) is a log server found in UNIX and Linux systems?
Syslog
What is the process of marking a photo or other type of media with geographical location information using the GPS of a mobile device?
Geotagging
(Blank) is the use of a device’s GPS features to determine device location, locate points of interest, and gather other useful information?
Geotagging
(Blank) is the use of geolocation features to ensure that a mobile device does not leave specific areas of corporate property.
Geofencing
Which type of network intrusion detection system (NIDS) develops a baseline of normal traffic so it can detect deviations in this traffic that might indicate an attack?
Anomaly-Based System
Which type of network intrusion detection system (NIDS) uses predefined rule sets?
Rule-Based System
Which type of network intrusion detection system (NIDS) uses routers and firewalls and bases detection on access control lists that specify traffic that is permitted and denied?
Filter-based systems
Which type of network intrusion detection system (NIDS) uses predefined traffic signatures that are typically downloaded from a vendor?
Signature-based systems
Which of the following is the simplest form of disaster recovery exercise?
The documentation review
What form of disaster recovery exercise goes through the motions of fulfilling the responsibilities and conducting the activities required during an incident or disaster?
Walkthrough test
In what form of disaster recovery exercise are all personnel usually involved, possibly conducting activities as they would during a real incident? This type of test is more complex and normally requires extensive resources, such as people and equipment, so it is typically conducted infrequently.
Full Scale
Which of the following details the specific access levels that individuals or entities may have when interacting with objects?
ACL (Access Control List)
For which of the following should employees receive training to establish how they are to treat information of different sensitivity levels?
Information Classification
What policy instructs employees not to leave sensitive data unattended? This policy, as well as data disposal policies, can be included in the information and data handling policies, but these are very specific instances and don’t cover all information or all scenarios where an employee would be in a position to treat data with care.
Clean Desk Policy
During which type of assessment would penetration testers not have any knowledge about the network and network defenders have no knowledge of the test itself?
Double-Blind Test
During which type of assessment do only the testers have no knowledge of details about the network configuration? This type of test is also referred to as a blind test.
Black Box