Security+ 501 Test 2 Flashcards
Which of the following can be established in a cloud environment through effective security controls and well-written service-level agreements?
Responsibility and Accountability
Accountability and responsibility can be established through effective security controls and well-written service-level agreements.
Which regulation would guide a healthcare organization to protect the confidentiality of stored patient data adequately?
HIPAA
Which regulation covers the risk management of U.S. Department of Defense systems?
RMF (Risk Management Framework)
Which regulations are involved with financial data?
Sarbanes-Oxley and PCI (Payment Card Industry)
What type of system involves the use of a common authentication system and credentials database that multiple entities use and share?
A Federated System
What type of system shows one party trusts another but not the reverse?
One-way trust
What type of system shows that if entity B trusts entity A and entity C trusts entity B, then entity C trusts entity A?
A transitive trust
Which of the following are usually annoying advertisements that come in the form of pop-up messages in a user’s browser?
Adware
A (Blank) is a piece of malicious software that must be propagated through a definite user action.
Virus
A (Blank) is a piece of software that seems to be of value to the user, but in reality, is malware.
Trojan
A (Blank) is a script set to execute at a certain time, which is usually created by rogue administrators or disgruntled employees.
Logic Bomb
Which of the following requires team members to go through the motions of fulfilling the responsibilities and conducting the activities required during an actual incident or disaster?
Walkthrough test
A (blank) is the simplest form of test, in which the business continuity plan, disaster recovery plan, and associated documents are reviewed by relevant personnel including managers, recovery team members, and anyone else who may have responsibilities directly affecting plans.
Documentation Review
In a (Blank), all personnel are usually involved and may actually conduct activities as they would during a real incident. This type of test is more complex and normally requires extensive resources, such as people and equipment, so it is typically conducted infrequently.
Full-Scale Test
Which is the most common public-private key generation algorithm used in public-key cryptography?
RSA (Rivest-Shamir-Adleman)
(Blank) is a key exchange protocol used in public-key cryptography. It is used to negotiate, agree upon, and establish a secure session between two parties.
(ECDH) Elliptic Curve Diffie-Hellman
(blank) is used to generate message digests for plaintext. It is not used in public-key cryptography to exchange keys or establish secure sessions.
SHA-2 (Secure Hashing Algorithm - 2)
What is a logging facility found in UNIX and Linux systems?
Syslog
What type of log management involves collecting logs from across the network into one system and being able to review them as a group?
Centralized
(blank) is a centralized method of obtaining logs and other data from disparate devices across the network.
SIEM (Security Information Event Management)
What type of log management means that logs are managed and reviewed on a host-by-host basis, rather than as a centralized, consolidated group?
Decentralized
What is it called when someone keeps getting new privileges but nothing ever gets turned off?
Privilege Creep
(Blank) means that administrators never give a user account more rights and permissions than is needed for the user to do his or her job.
Least privilege
(Blank) indicates the level of errors that the system may generate indicating that unauthorized users are identified and authenticated as valid users in a biometric system.
False acceptance rate
Which of the following is most appropriate if you have limited external public IP addresses available, but a requirement to share those IP addresses with internal hosts that must connect to the public Internet?
NAT firewall
Using network address translation (NAT) in conjunction with a firewall enables you to share one external address with multiple internal hosts that require external addresses for their connectivity.
What type of control assists and mitigates the risk an existing control is unable to mitigate?
Compensating
What type of control is used to correct a condition when there is either no control at all, or the existing control is ineffective?
Corrective
What is the difference between deterrence and preventative controls?
The difference between a deterrent control and a preventive control is that it is necessary to have knowledge of the deterrent control for it to work. Users do not need to have knowledge of a preventative control for it to function.
What type of attack attempts to send unsolicited ARP messages to a client to add false entries to its ARP cache?
ARP Poisoning
What type of attack is an attempt to hijack a user’s Web browsing session by stealing cookies or using other network attack methods?
Session Hijacking
What solutions allow applications that users can download, install, and execute to be added to a safe list?
Whitelisting
(Blank) involves an administrator adding undesirable or restricted software or applications to a list on content filtering devices, in group policy, or through some other type of mechanisms. This ensures that users are not allowed to download, install, or execute these particular applications.
Blacklisting
What security controls should be implemented to make sure that users require previous knowledge of the network identifier to join a network?
Disable SSID Broadcasting
broadcasting if you’re not actively broadcasting your network name. When this control is implemented, a user must know the name of the network before he or she can connect to it.
Which of the following uses geolocation features to ensure that a mobile device does not leave specific areas of corporate property?
Geofencing
Which type of cloud service is for use by only one organization and is usually hosted by that organization’s infrastructure?
Private
What type of cloud service is for use by similar organizations or communities, such as universities or hospitals, that need to share common data?
Community
What type of cloud service is usually operated by a third-party provider that sells or rents “pieces” of the cloud to different entities, such as small businesses or large corporations?
Public
(Blank) can enable users to perform their work via a browser, from anywhere they have Internet connectivity. This can be configured either to allow a local copy along with the cloud copy of the data, or the data can be edited directly within the cloud.
Cloud Services
(Blank) allows multiple virtual machines to run on the same piece of hardware.
Virtualization
Disabling ________ will help prevent security issues caused by having ping and traceroute enabled.
ICMP
ICMP is the protocol used by the ping and traceroute utilities for network diagnostics, and it should be disabled unless it’s being used for important purposes.
A virtual LAN (VLAN) does NOT offer which of the following security controls?
- Creates broadcast domains
- Allows different security policies to be applied to different hosts
- Allows physical segmentation of hosts by IP subnet
- Allows logical segmentation of hosts by IP subnet
3. Allows physical segmentation of hosts by IP subnet
VLANs do not physically segment hosts; they logically segment them.
Which of the following processes uses auditing to ensure that users are traced to and held responsible for their actions?
Accountability
(Blank) is the process of controlling access to resources through methods that include permissions, rights, and privileges.
Authorization
(Blank) is the process of validating that a user’s credentials are correct after they have presented them through the identification process.
Authentication
(Blank) is the process of reviewing logs and other audit trails to determine what actions have been performed on systems and data.
Auditing
Which of the following describes a false acceptance rate?
Type II error and when an unauthorized user is validated as authorized
Which of the following technologies enables communication between devices using a beam of light?
Infrared
What is normally the job of a senior leader within the incident response team?
Notifying and coordinating with senior management and law enforcement officials is normally the job of a senior leader within the incident response team.
Which of the following fire suppression chemicals widely replaced halon in data center fire suppression systems?
FM-200
Which of the following terms describes someone who hacks into systems, with permission of the system’s owner, to discover exploitable vulnerabilities and help secure the system?
White Hat Hacker
Who is someone that uses his or her skills for both good and evil purposes?
Grey Hat Hacker
The United States Department of Defense uses a specific form of personal identification verification (PIV) card called?
CAC (common access control)
(Blank) is an algorithm used to generate one-time passwords.
HOTP (HMAC-based one-time password)