Term Test 2 Flashcards

Question 1

Q

Which of the following is the most important aspect of security?
A. Physical security
B. Intrusion detection
C. Logical security
D. Awareness training

Answer

A

A. Physical Security

Question 2

Q

What method can be used to map out the needs of an organization for a new facility?
A. Log file audit
B. Crtical path analysis
C. Risk analysis
D. Inventory

Answer

A

B. Critical path analysis

Question 3

Q

What infrastructure component is often located in the same position across multiple floors in order to provide a convenient means of linking floor-based netowrks together?
A. Server room
B. Wiring closet
C. Datacenter
D. Media cabinets

Answer

A

B. Wiring closet

Question 4

Q

What is the most common form of perimeter security devices or mechanisms?
A. Security guards
B. Fences
C. CCTV
D. Lighting

Answer

A

D. Lighting

Question 5

Q

What is the most common cause of failure for water-based fire suppression system?
A. Whater shortage
B. People
C. Ionization detectors
D. Placement of detectors in drop ceilings

Answer

A

B. People

Question 6

Q

Accountability requires all of the following items except one. Which item is not required for accountability?
A. Identification
B. Authentication
C. Audting
D. Authorization

Answer

A

D. Authorization

Question 7

Q

Which of the following is an example of a Type 2 authentication factor?
A. Something you have
B. Something you are
C. Something you do
D. Something you know

Answer

A

A. Something you have

Question 8

Q

Your organization issues devices to employees. These devices generate one-teim passwords every 60 seconds. A server hosted within th eorganization knows what this password is at any given time. What type of device is this?
A. Synchronous token
B. Asynchronous token
C. Smartcard
D. Common access card

Answer

A

A. Synchronous token

Question 9

Q

A biometric system has falsely rejected a valid user, indicating that the user is not recognized. What type of error is this?
A. Type 1 error
B. Type 2 error
C. Crossover error rate
D. Equal error rate

Answer

A

A. Type 1 error

Question 10

Q

What is the primary purpose of Kerberos?
A. Confidentiality
B. Integrity
C. Authentication
D. Accountability

Answer

A

C. Authentication

Question 11

Q

Which of the following authentication, authorization, and accounting (AAA) protocols is based on RADIUS and supports Mobile IP and Voice over IP?
A. Distributed access control
B. Diameter
C. TACACS+
D. TACACS

Answer

A

B. Diameter

Question 12

Q

What is the most common and inexpensive form of physical access control device?
A. Lightning
B. Security guard
C. Key locks
D. Fences

Answer

A

C. Key locks

Question 13

Q

Which of the following is not a typical type of alarm that can be triggered for physical security?
A. Preventive
B. Deterrent
C. Repellant
D. Notification

Answer

A

A. Preventive

Question 14

Q

What is the most important goal of all security solutions?
A. Prevention of disclosure
B. Maintaining integrity
C. Human safety
D. Sustaining availability

Answer

A

C. Human safety

Question 15

Q

What is the ideal humidity range for a computer room?
A. 20-40 percent
B. 40-60 percent
C. 60-75 percent
D. 80-95 percent

Answer

A

B. 40-60 percent

Question 16

Q

Which of the following is typically not a culprit in causing damage to computer equipment in the event of a fire and a triggered suppression?
A. Heat
B. Suppression medium
C. Smoke
D. Light

Question 17

Q

Which cryptographic algorithm forms the basis of the El Gamal cryptosystem?
A. RSA
B. Diffie-Hellman
C. 3DES
D. IDEA

Answer

A

B. Diffie-Hellman

Question 18

Q

If Richard wants to send an encrypted message to Sue using a public key cryptosystem, which key does he use to encrypt the message?
A. Richard's public key
B. Richard's private key
C. Sue's public key
D. Sue's private key

Answer

A

C. Sue’s public key

Question 19

Q

If a 2,0480bit plaintext message were encrypted with the El Gamal public key cryptosystem, how long would the resulting cipher text message be?
A. 1,024 bits
B. 2048 bits
C. 4,096 bits
D. 8,192 bits

Answer

A

C. 4,096 bits

Question 20

Q

Acme Widgets currently uses a 1,024-bit RSA encryption standard companywide. The company plans to convert from RSA to an elliptic curve cryptosystem. If it wants to maintain the same cryptographic strength, what ECC key length should it use?
A. 160 bits
B. 512 bits
C. 1,024 bits
D. 2,048 bits

Answer

A

A. 160 bits

Question 21

Q

John wants to produce a message digest of a 2, 048-byte message he plans to send to Mary. If he uses the SHA-1 hashing algorithm, what size will the message digest for this particular message be?
A. 160 bits
B. 512 bits
C. 1,024 bits
D. 2, 048 bits

Answer

A

A. 160 bits

Question 22

Q

What is system accreditation?
A. Formal acceptance of a stated system configuration
B. A functional evaluation of the manufacturer’s goals for each hardware and software component to meet integration standards
C. Acceptance of test results that prove the computer system enforces the security policy
D. The process to specify secure communication between machines

Answer

A

A. Formal acceptance of a stated system configuration

Question 23

Q

What is a closed system?
A. A system designed around final, or closed, standards
B. A system that includes industry standards
C. A proprietary system that uses unpublished protocols
D. Any machine that does not run Windows

Answer

A

C. A proprietary system that uses unpublished protocols

Question 24

Q

What is a security control?
A. A security component that stores attributes that describe an object
B. A document that lists all data classification types
C. A list of valid access rules
D. A mechanism that limits access to an object

Answer

A

D. A mechanism that limits access to an object

Question 25

Q

What is a trusted computing base (TCB)?
A. Hists on you network that support secure transmissions
B. The operating system kernel and device drivers
C. The combination of hardware, software, and controls that work together to enforce a security policy
D. The software and controls that certify a security policy

Answer

A

C. The combination of hardware, software, and controls that work together to enforce a security policy

Question 26

Q

What part of the TCB concept validates access to every resource prior to granting the requested access?
A. TCB partition
B. Trusted library
C. Reference monitor
D. Security kernel

Answer

A

C. Reference monitor

Question 27

Q

Many PC operating systems provide functionality that enables them to support the simultaneous execution of multiple applications on a single-processor systems. What term is used to describe this capability?
A. Multiprogramming
B. Multithreading
C. Multitasking
D. Multiprocessing

Answer

A

C. Multitasking

Question 28

Q

What technology provides an organization with the best control over BYOD equipment?
A. Application whitelisting
B. Mobile device management
C. Removable storage
D. Geotagging

Answer

A

B. Mobile device management

Question 29

Q

Which of the following is true related to a subject?
A. A subject is always a user account.
B. The subject is always the entity that provides or hosts the information or data.
C. The subject is always the entity that receives information about or data from an object.
D. A single entity can never change roles between subject and object.

Answer

A

C. The subject is always the entity that receives information about or data from an object.

Question 30

Q

Which of the following types of access control uses fences, security policies, security awareness training, and antivirus software to stop an unwanted or unauthorized activity from occurring?
A. Preventive
B. Detective.
C. Corrective
D. Authoritative

Answer

A

A. Preventive

Question 31

Q

Which of the following best expresses the primary goal when controlling access to assets?
A. Preserve confidentiality, integrity, and availability of systems and data.
B. Ensure that only valid objects can authenticate on a system.
C. Prevent unauthorized access to subjects.
D. Ensure that all subjects are authenticated.

Answer

A

A. Preserve confidentiality, integrity, and availability of systems and data

Question 32

Q

A user logs in with a login ID and a password. What is the purpose of the login ID?
A. authentication
B. Authorization
C. Accountability
D. Identification

Answer

A

D. Identification

Question 33

Q

You have three applications running on a single-core single-processor system that supports multitasking. One of those applications is a word processing program that is managing two threads simultaneously. The other two applications are using only one thread of execution. How many applications threads are running on the processor at any given time?
A. One
B. Two
C. Three
D. Four

Question 34

Q

What is a security risk of an embedded system that is not commonly found in a standard PC?
A. Software flaws
B. Access to the Internet
C. Control of a mechanism in the physical world
D. Power loss

Answer

A

C. Control of a mechanism in the physical world

Question 35

Q

What type of memory chip allows the end user to write information to the memory only one time and then preserves that information indefinitely without the possibility of erasure?
A. ROM
B. PROM
C. EPROM
D. EEPROM

Question 36

Q

Which type of memory chip can be erased only when it is removed from the computer and exposed to a special type of ultra violet light?
A. ROM
B. PROM
C. EPROM
D. EEPROM

Question 37

Q

Which one of the following types of memory might retain information after being removed from a computer and, therefore, present a security risk?
A. Static RAM
B. Dynamic RAM
C. Secondary memory
D. Real memory

Answer

A

C. Secondary memory

Question 38

Q

Which security models are built on a state machine model?
A. Bell-LaPadula and Take-Grant
B. Biba and Clark-Wilson
C. Clark-Wilson and Bell-LaPadula
D. Bell-LaPadula and Biba

Answer

A

A. Bell-LaPadula and Biba

Question 39

Q

Which security model addresses data confidentiality?
A. Bell-LaPadula
B. Biba
C. Clark-Wilson
D. Brewer and Nash

Answer

A

A. Bell-LaPadula

Question 40

Q

What is the implied meaning of the simple property of Biba?
A. Write down
B. Read up
C. No write up
D. No read down

Answer

A

B. Read up

Question 41

Q

What is the best definition of a security model?
A. A security model states policies an organization must follow.
B. A security model provides a framework to implement a security policy.
C. A security model is a technical evaluation of each part of a computer system to assess its concordance with security standards.
D. A security model is the process of formal acceptance of a certified configuration.

Answer

A

B. A security model provides a framework to implement a security policy.

Question 42

Q

Which Bell-LaPadula property keeps lower-level subjects from accessing objects with a higher security level?
A. (star) Security Property
B. No write up property
C. No read up property
D. No read down property

Answer

A

C. No read up property

Question 43

Q

What encryption technique does a WPA use to protect wireless communications?
A. TKIP
B. DES
C. 3DES
D. AES

Question 44

Q

Richard wants to digitally sign a message he's sending to Sue so that Sue can be sure the message came from him without modification while in transit. Which key should he use to encrypt the message digest?
A. Richard's public key
B. Richard's private key
C. Sue's public key
D. Sue's private key

Answer

A

B. Richard’s private key

Question 45

Q

Which International Telecommunications Union (ITU) standard governs the creation and endorsement of digital certificates for secure electronic commmunication?
A. X.500
B. X.509
C. X.900
D. X.905

Question 46

Q

What type of cryptographic attack rendered Double DES (2DES) no more effective than the standard DES encryption?
A. Birthday attack
B. Chosen siphertext attack
C. Meet-in-the-middle attack
D. Man-in-the-middle attack

Answer

A

C. Meet-in-the-middle attack

Question 47

Q

What is the major disadvantage of using certificate revocation lists?
A. Key management
B. Latency
C. Record keeping
D. Vulnerability to brute-force attacks

Answer

A

B. Latency

Question 48

Q

What is the most effective means of reducing the risk of losing data on a mobile device, such as a notebook computer?
A. Defining a strong logon password
B. Minimizing sensitive data stored on the mobile device
C. Using a cable lock
D. Encrypting the hard drive

Answer

A

B. Minimizing sensitive data stored on the mobile device

Question 49

Q

Which one of the following storage devices is most likely to require encryption technology in order to maintain data security in a networked environment/
A. Hard disk
B. Backup tape
C. Removable drive
D. RAM

Answer

A

C. Removable drives

Question 50

Q

What type of electrical component serve as the primary building block for dynamic RAM chips?
A. Capacitor
B. Resistor
C. Flip-flop
D. Transistor

Answer

A

A. Capacitor

Question 51

Q

The most commonly overlooked aspect of mobile phone eavesdropping is related to which of the following?
A. Storage device encryption
B. Screen locks
C. Overhearing conversations
D. Wireless networking

Answer

A

C. Overhearing conversations

Question 52

Q

What type of memory device is usually used to contain a computer's motherboard BIOS?
A. PROM
B. EEPROM
C. ROM
D. EPROM

Answer

A

B. EEPROM

Question 53

Q

What security principle helps prevent users from accessing memory spaces assigned to applications being run by other users?
A. Separation of privilege
B. Layering
C. Process isolation
D. Least privilege

Answer

A

C. Process isolation

Question 54

Q

Which security principle mandates that only a minimum number of operating system processes should run in supervisory mode?
A. Abstraction
B. Layering
C. Data hiding
D. Least privilege

Answer

A

D. Least privilege

Question 55

Q

Which security principle takes the concept of process isolation and implements it using physical controls?
A. Hardware segmentation
B. Data hiding
C. Layering
D. Abstraction

Answer

A

A. Hardware segmentation

Question 56

Q

What is system certification?
A. Formal acceptance of a stated system configuration
B. A technical evaluation of each part of a computer system to assess its compliance with security standards
C. A functional evaluation of the manufacturer’s goals for each hardware and software component to meet integration standards
D. A manufacturer’s certificate stating that all components were installed and configured correctly

Answer

A

B. A technical evaluation of each part of a computer system to assess its compliance with security standards

Question 57

Q

What type of memory is directly available to the CPU and is often part of the CPU?
A. RAM
B. ROM
C. Register memory
D. Virtual memeory

Answer

A

C. Register memory

Question 58

Q

At what voltage level can static electricity cause destruction of data stored on hard drives?
A. 4, 000
B. 17, 000
C. 40
D. 1, 500

Answer

A

D. 1, 500

Question 59

Q

What type of access controls are hardware or software mechanisms used to manage access to resources and systems, and provide protection for those resources and systems?
A. Administrative
B. Logical/techincal
C. Physical
D. Preventive

Answer

A

B. Logical/technical

Question 60

Q

Which of the following best identifies the benefit of a passphrase?
A. It is short.
B. It is easy to remember.
C. It includes a single set of characters.
D. It is easy to crack.

Answer

A

B. It is easy to remember

Question 61

Q

Scenario: An administrator has been working within an organization for over 10 years. He has moved between different IT divisions within the company and has retained privileges from each of the jobs that he’s had during his tenure. Recently, supervisors admonished him for making unauthorized changes to systems. He one again made an unauthorized change that resulted in an unexpected outage and management decided to terminate his employment at the company. He came back to work the following day to clean out his desk and belongings, and during this time he installed malicious script that was scheduled to run as a logic bomb on the first day of the following month. The script will change administrator passwords, delete files, and shut down over 100 servers in the datacenter.

Which of the following basic principles was violated during the administrator's employment?
A. Implicit deny
B. Loss of availability
C. Defensive privileges
D. Least privilege

Answer

A

D. Least pivilege

Question 62

Q

Scenario: An administrator has been working within an organization for over 10 years. He has moved between different IT divisions within the company and has retained privileges from each of the jobs that he’s had during his tenure. Recently, supervisors admonished him for making unauthorized changes to systems. He one again made an unauthorized change that resulted in an unexpected outage and management decided to terminate his employment at the company. He came back to work the following day to clean out his desk and belongings, and during this time he installed malicious script that was scheduled to run as a logic bomb on the first day of the following month. The script will change administrator passwords, delete files, and shut down over 100 servers in the datacenter.

What could have discovered problems with this user’s account while he was employed?
A. Policy requiring strong authentication
B. Multifactor authentication
C. Logging
D. Account review

Answer

A

D. Account review

Question 63

Q

Which of the following tools can be used to improve the effectiveness of a brute-force password cracking attack?
A. Rainbow tables
B. Hierarchical screening
C. TKIP
D. Random enhancement

Answer

A

A. Rainbow tables

Question 64

Q

Which of the following links would be protected by WPA encryption?
A. Firewall to firewall
B. Router to firewall
C. Client to wireless access point
D. Wireless access point to router

Answer

A

C. Client to wireless access point

Answer 59

A

B. Threat

Answer 60

A

C. Preventive

Answer 61

A

B. Shared secret

Answer 62

A

D. Renee’s public key

Answer 63

A

A. Bob’s private key

Answer 64

A

C. Non-repudiation

Answer 65

A

A. Simple security rule

Answer 66

A

D. Retinal scan

Answer 67

A

A. Authorization

Answer 68

A

D. Access card and PIN

Answer 69

A

C. Authentication

Answer 70

A

Hash function are unique algorithms that take a given message and produce a unique output value based on the input. The 5 basic hash function requirements are:

input can be of any length
output is a fixed length
the hash function is easy to compute for a given input
the hash function is one-way
the hash function is collision free (no duplicate outputs)

Brainscape's Knowledge GenomeTM

Term Test 2 Flashcards

Brainscape's Knowledge Genome^TM