CH. 7,8,9,10 Security

List at least three ways host vulnerability scanners are different from network vulnerability scanners

- Being more specialized
- Requiring high-level access to the local host, typically administrative access
- Generally only running against a single host

Your friend in another department asks you to help him understand some fundamental principles about encryption and clear text. Identify three important principles about the risk incurred by unencrypted credentials and clear text.

- It is important to protect the transfer of authorizing credentials between computer systems from unauthorized observation
- To prevent credential disclosure to unauthorized parties, credentials should never be transmitted across cleartext forms of communication in unencrypted form
- Credentials are subject to release in the event of an error that results in the credential information being persisted in a log or displayed on someone's screen

A network scanner will usually list a port on a remote machine as one of which three classifications?

- Network scanners will typically return a port's status as either open, closed, or filtered

Your manager asks you to help understand some fundamental principles about device configuration. Identify three important principles about device configuration.

- Misconfigured devices are one of the more common security issues and can go completely unnoticed
- Many security controls depend upon a properly configured device to function properly
- Firewalls, content filters, and access points are all common systems with configurations that are critical for proper operation

Identify three essential policies an enterprise should have to properly manage the human aspects of network security.

- Policies to properly manage the human aspects of network security include policies on personal email
- Content filtering
- Acceptable use

List three methods of controlling unauthorized software.

- Removing the user's ability to add software
- Using whitelisting or freeze technologies to restrict what can run on a machine
- Conducting regular audits to identify unauthorized software

What frequency spectrum does Bluetooth use?

2.4GHz

Which of the following is the data rate for Bluetooth 4.0?

24 MBPS

What frequency spectrum does Wi-Fi use?

5 GHz

A user reports to the help desk that he is getting "Cannot resolve address" error messages from his browser. Which port is likely a problem of his firewall?

53

Which port does FTPS use?

990

Your organization has been hit with multiple targeted network attacks over the last few months, resulting in two data breaches. To attempt to discover how the attackers are getting into your system, you set up a few vulnerable virtual machines with fake data on them that look like the organization's real machines. What defense mechanism have you built?

A honeynet

Which of the following correctly defines Mobile Device Management (MDM)?

A marketing term for commonly employed protections for mobile devices

Why should you never use a network scanner on a network you are not authorized to scan?

A network scanner or port scanner is the same tool that an attacker would use.

Which of the following properly defines data exfiltration?

An attacker attempts to steal a copy of your data and export it from your system

Which of the following are the three modes supported by Bluetooth 4.0?

Classic, high speed, low energy

A friend approaches you at a personal social event and says he was unable to access a popular website at work, but other sites such as news sites seemed to work. Identify the most likely culprit.

Content filters

What is the most common use of data sanitization tools?

Erasing hard drives before computers are recycled

What is the primary use of Near Field Communication (NFC)?

Establish radio communications over a short proximity

Which of the following is a risk typically related to certificates?

Failure to install a needed trust chain makes a key that should be trusted, untrusted

Which of the following is not an element of a good Mobile Device Management (MDM) policy?

The ability to decrypt data on the device

Why is it important to establish policies governing remote wiping of mobile devices?

They are more susceptible to loss than other devices

Which of the following is not true about insider threats?

The best defense against insider threats is a single strong layer of defense

Which of the following is true about managing user permission issues?

The strength of this command is highly dependent on it being kept current and properly maintained

What is the most likely reason for access violation errors?

The user is unauthorized and is either making a mistake or is attempting to get past security

Which of the following accurately describes the purpose of computer protocols?

They act as a common language to allow different components to communicate

What is the purpose of HTTPS?

To use SSL or TLS to encrypt a channel over which HTTP traffic is transmitted

Which of the following correctly describes ANT?

It functions well in the crowded 2.4-GHz spectrum

What is the main security concern with universal serial bus (USB) technology?

It automounts and acts like a hard drive attached to the computer

What is a disadvantage of Infrared (IR) technology?

It cannot penetrate solid objects

What is the purpose of geofencing?

It enables devices to be recognized by location and have actions taken

What is the secure shell (SSH) protocol?

It is an encrypted remote terminal connection program used for remote connections to a server

Why should you compare hashes of the files you download from the internet to a library of known hash values?

It prevents the spread of malware by checking a file's integrity

What is the purpose of the Secure/Multipurpose Internet Mail Extensions (S/MIME) protocol?

It provides cryptographic protections to emails

What is the purpose of secure real-time transport protocol (SRTP)?

It securely delivers audio and video over IP networks

What is the purpose of the DNS protocol?

It translates names into IP addresses

Which of the following is a valid principle relevant to logs and events anomalies?

It's important to determine what to log and what not to log

Which of the following is a weakness of cellular technology?

Less availability in rural areas

There are reports of a worm going through your company that communicates to other nodes on port TCP/1337. What tool would you use to find infected nodes on your network?

Network Scanner

What mechanism does Bluetooth use to establish a trust relationship?

Pairing

Which of the following describes most network tools that are designed to detect an attack?

Passive

What two things can removable media control do to improve security?

Prevent infiltration of malware and prevent exfiltration of data

What is a weakness of the DNS protocol?

Requests and replies are sent in plaintext

What is the most common scenario for the use of satellite communication (SATCOM)?

Rural and remote areas or at sea

Your manager comes to you with an audit finding that 85 percent of the machines on your network are vulnerable to a variety of different exploits. He wants you to verify the findings of the report. What would be the best tool for this?

Vulnerability Scanner

Identify the primary reason why personal email presents risks to the corporation

Data exfiltration pathway that is outside of corporate control, a path for malware to enter the network, a path for malware to enter user machines

Which of the following is a benefit of DNSSEC?

Enables origin authentication, authenticated denial of existence, and data integrity

Which of the following is true about firewalls?

Firewalls are network access policy enforcement devices that allow or block passage of packets based on a ruleset

What is the purpose of the Simple Network Management Protocol (SNMP)?

It is used to manage devices on IP-based networks

What is the purpose of the Secure Sockets Layer (SSL) protocol?

it provides encryption for transport layer protocols across the web

Which of the following correctly describes Transport Layer Security (TLS)?

it replaces SSL

What is the purpose of Lightweight Directory Access Protocol Secure (LDAPS)?

it uses an SSL/TLS tunnel to connect LDAP Services

Identify three reasons why poorly trained users present a significant security challenge.

Personnel can violate policies, lack situational awareness, or willful disobedience

You are a security admin for XYZ company. You suspect that company emails using default POP and IMAP email protocols and ports are getting intercepted while in transit. Which of the following ports should you consider using?

port 995 and 993

The tcpdump command-line tool is classified as which of the following?

protocol analyzer

What kind of tool is Wireshark?

protocol analyzer

Which of the following is not a risk related to social media?

visable training programs can help mitigate social media risks

