Final - Security+

¡Supera tus tareas y exámenes ahora con Quizwiz!

Which RAID level provides for no fault tolerance?

RAID 0

Which document is used to propose a new standard?

RFC

Which organization is primarily interested in developing the World Wide Web and its associated technologies?

W3C

A major organization in the tracking and reporting of common computer and network security problems is ___________________.

IEEE or CERT (RESEARCH)

Which organization is tasked with developing standards for, and tries to improve, the Internet.

IETF

If SLE is calculated at $2,500 and there are an anticipated 4 occurrences a year (ARO), then ALE is:

10000

Which port should be closed on systems to prevent the unauthorized running of programs?

111

Which of the following is NOT an asymmetric encryption algorithm?

3DES

According to the TCP/IP model, HTTP functions at which layer?

Application

Which of the following is the process of ensuring that policies, procedures, and regulations are carried out in a manner consistent with organizational standards?

Auditing

Which of the following is an attack where a program or service is placed on a server to bypass normal security procedures?

Back Door

Which encryption algorithm uses a 40 to 128-bit key and is used on many products from Microsoft and IBM?

CAST

Individuals who specialize in the breaking of codes are known as ___________________.

Cryptanalysts

Which access control method model allows the owner of a resource to grant privileges to information they own?

DAC

You are the administrator of the xyz.com website. You are working when suddenly web server and network utilization spikes to 100% and stays there for several minutes and users start reporting "Server not available" errors. You may have been the victim of what kind of attack?

DoS

Which access control model is a static model that uses predefined access privileges for resources that are assigned by the administrator?

MAC

Which specification is a fairly accurate estimation of how long a component will last?

MTBF

Which U.S. government agency publishes lists of known vulnerabilities in operating systems?

NIST

Which PKCS standard is the standard for password-based cryptography?

PKCS 5

The area of an application that is available to users (those who are authenticated as well as those who are not) is known as its:

attack surface

Which type of attack is one in which a rogue wireless access point poses as a legitimate wireless service provider to intercept information that users transmit?

Evil twin

A ___________________ is used to provide EMI & RFI shielding for an entire room of computer or electronic equipment (also used to prevent eavesdropping).

Faraday cage

Which U.S. regulation dictates the standards for storage, use, and transmission of personal medical information?

HIPAA

The process of making a computing environment more secure from attacks and intruders is known as ___________________.

Hardening

A ___________________ is a repair made while the system being repaired remains in operation

Hotfix

Which of the following is NOT a routing protocol?

ICMP

Which organization is concerned with defining technology and other electrical standards?

IEEE

Wireless Ethernet conforms to which IEEE standard?

IEEE 802.11

Which type of policy determines if information is secret, top-secret, or public?

Information classification policies

Which of the following will NOT contribute to network hardening?

Installing new anti-virus software on workstations

___________________ are used to monitor a network for suspect activity

Intrusion Detection System

Which access control method model allows the owner of a resource to grant privileges to information they own?

Kerberos

A firewall operating as a ___________________ firewall will pass or block packets based on their application or TCP port number.

Packet filter

On the outer edge of physical security is the first barrier to entry. This barrier is known as a(n) ___________________.

Perimeter

Which encryption/security measure, originally developed by Netscape, is used to establish a secure, lower-layer communication connection between two TCP/IP-based machines?

Secure Sockets Layer SSL

You require your ISP to keep your Internet connection up 99.999% of the time. In which document would this condition be placed?

Service level agreement

Which remote access protocol, implemented almost exclusively by Cisco, is a central server providing remote access usernames that dial-up users can use for authentication.

TACACS+

You have taken out an insurance policy on your data/systems to share some of the risk with another entity. What type of risk strategy is this?

Transference

Which fire extinguisher type is the best to be used on computer equipment in the case of a computer fire?

Type C

Which hypervisor model needs the operating system to be up and cannot boot until it is?

Type II

Which "X." standard defines certificate formats and fields for public keys?

X.509

Which of the following is NOT one of the three cloud service models recognized by the NIST?

XaaS

___________________ is the process of keeping services and systems operational during a time of outage

high availability

Which U.S. government agency is responsible for creating and breaking codes?

NSA

Which security standard is used to encrypt e-mails?

S/MIME

Which hashing algorithm uses a 160-bit hash value?

SHA

Which of the following is NOT a tunneling protocol?

SLIP

If you wanted to connect two networks securely over the Internet, what type of technology could you use?

VPN

802.11 connections using WAP.

WTLS

In order to run "sniffer" software properly, the NIC in the computer running the software must be set to:

Promiscuous Mode


Conjuntos de estudio relacionados

Series 7: Analysis- Technical Analysis

View Set

Unit Test: Nineteenth-Century England 96% NOT ALL CORRECT

View Set

11 CP American Literature Vocab Unit 6 synonyms

View Set

CH 17 Cardiac Function and Assessment

View Set

Sustainability Course 4 - Eco Design

View Set

Coincidence,Correlation and Causeation

View Set