Network Security Fundamentals

Pataasin ang iyong marka sa homework at exams ngayon gamit ang Quizwiz!

Which method of code breaking tries every possible combination of characters in an attempt to "guess" the password or key?

Brute Force

What is the term used for events that were mistakenly flagged although they weren't truly events about which you need to be concerned?

False positives

A ___________________ is used to provide EMI & RFI shielding for an entire room of computer or electronic equipment (also used to prevent eavesdropping).

Faraday Cage

Which of the following allows an attacker to identify vulnerabilities within a closed source software application by inputting unexpected values in order to make it crash?

Fuzzing

The process of making certain that an entity (operating system, application, etc.) is as secure as it can be is known as:

Hardening

Which of the following devices is used to optimize and distribute data workloads across multiple computers or networks?

Load Balancer

Which of the following is a passive method of threat response?

Logging the event

What TCP port does HTTP use?

Port: 80

Which access control method model grants rights or privileges based on their job function or position held?

RBAC

Public keys are used for which of the following?

Decrypting the hash of an electronic signature

Which plan or policy helps an organization determine how to relocate to an emergency site?

Disaster Recovery Planning

You have taken out an insurance policy on your data/systems to share some of the risk with another entity. What type of risk strategy is this?

Transference

Which of the following is a policy that would force all users to organize their areas as well as help in reducing the risk of possible data theft?

Clean desk policy

___________________ are used to monitor a network for suspect activity.

Intrusion Detection System

A certificate authority (CA) is an organization that is responsible for doing which three of the following with certificates (choose three)?

Issuing, Revoking, Distributing

Wireless Ethernet conforms to which IEEE standard?

IEEE 802.11

A firewall operating as a ___________________ firewall will pass or block packets based on their application or TCP port number.

Packet-filter

If SLE is calculated at $2,500 and there are an anticipated 4 occurrences a year (ARO), then ALE is:

$10,000

What would the Annualized Loss Expectancy be for the asset (the printing press) in the previous question if a fire that might damage the press in that manner occurred once every 15 years?

$6,133.33

Your company owns a printing press worth $100,000. If it were damaged in a fire, it would be worth $8,000 in parts. What would the single loss expectancy (SLE) be?

$92,000

Which of the following is NOT an asymmetric encryption algorithm?

3DES

A newly hired junior administrator will assume your position temporarily while you attend a conference. You're trying to explain the basics of security to her in as short a period of time as possible. Which of the following best describes an ACL?

ACLs provide individual access control to resources.

A(n) ___________________ is a message from the analyzer indicating that an event of interest has occurred.

Alert

The HTTP protocol functions at which layer of the TCP/IP model?

Application

The area of an application that is available to users (those who are authenticated as well as those who are not) is known as its:

Attack Surface

With which of the following is RAID MOST concerned?

Availabilty

Which of the following is an attack where a program or service is placed on a server to bypass normal security procedures?

Back Door

A ___________________ security device uses some biological characteristic of human beings to uniquely identify a person for authentication.

Biometric

A major organization in the tracking and reporting of common computer and network security problems is ___________________.

CERT -Computer Emergency Response Team

Which of the following reduces the likelihood of a single point of failure when a server fails?

Clustering

Which of the following concepts ensures that the data is only viewable to authorized users?

Confidentiality

You are the administrator of the sybex.com website. You are working when suddenly web server and network utilization spikes to 100% and stays there for several minutes and users start reporting "Server not available" errors. You may have been the victim of what kind of attack?

DOS

Which access control method model allows the owner of a resource to grant privileges to information they own?

DAC

Servers or computers that have two NIC cards, each connected to separate networks, are known as what type of computers?

Dual-homed

Which type of attack is one in which a rogue wireless access point poses as a legitimate wireless service provider to intercept information that users transmit

Evil Twin

Which of the following file systems is from Microsoft and was included with their earliest operating system

FAT

Which of the following devices are the first line of defense for networks connected to the Internet?

Firewalls

Separation of duties policies are designed to reduce the risk of what?

Fraud

Which of the following is a concept that works on the assumption that any information created on any system is stored forever?

Full Archival Method

Which is a complete, comprehensive backup of all files on a disk or server?

Full Backup

Which U.S. regulation dictates the standards for storage, use, and transmission of personal medical information

HIPPA

The process of making a computing environment more secure from attacks and intruders is known as ___________________.

Hardening

A ___________________ is a system designed to fool attackers into thinking a system is unsecured so they will attack it. Then the "victim" will learn their attack methods without compromising a live system.

Honeypot

In TCP/IP parlance, any computer or device with an IP address on a TCP/IP network is known as a(n):

Host

What command can you use to determine the MAC address on a Linux system?

Ifconfig

Which of the following is MOST likely to be the last rule contained on any firewall?

Implicit Deny

___________________ is the first step in the incident response cycle.

Incident Identification

Which authentication method uses a Key Distribution Center (KDC)?

Kerberos

Instead of giving a security administrator full administrative rights on the network, the administrator is given rights only to review logs and update security related network devices. Additional rights are handed out to network administrators for the areas that fall within their job description. Which of the following describes this form of access control?

Least Privilege

When assigning permissions to users, which principle should you adhere to?

Least Privilege

Which access control model is a static model that uses predefined access privileges for resources that are assigned by the administrator?

MAC

Which specification is a fairly accurate estimation of how long a component will last?

MTBF (mean time between failures)

Which of the following attacks is BEST described as the interruption of network traffic accompanied by the insertion of malicious code?

Man-in-the-middle

Which type of risk strategy is undertaken when you attempt to reduce the risk? Mitigation

Mitigation

After a careful risk analysis, the value of your company's data has been increased. Accordingly, you're expected to implement authentication solutions that reflect the increased value of the data. Which of the following authentication methods uses more than one authentication process for a logon?

Multifactor

Which of the following is NOT an advantage of host virtualization?

Only one copy of anti-virus software is needed

Locking the door(s) to the server room involves what kind of security?

Physical

Which of the following is a security control that is lost when using cloud computing?

Physical control of the data

Which port should be closed on systems to prevent the unauthorized running of programs?

Port: 111

Which cloud delivery model is implemented by a single organization, enabling it to be implemented behind a firewall?

Private

In order to run "sniffer" software properly, the NIC in the computer running the software must be set to:

Promiscuous Mode

Which RAID level provides for no fault tolerance?

Raid 0

Several classified mobile devices have been stolen. Which of the following would BEST reduce the data leakage threat?

Remotely sanitize/wipe the devices

Which hashing algorithm uses a 160-bit hash value?

SHA

Which of the following is NOT a tunneling protocol?

SLIP

___________________ is a slang term for unwanted commercial e-mail.

SPAM

Which of the following can prevent an unauthorized employee from entering a datacenter? (Select two answers).

Security Guard, Proximity Reader

Which of the following policies are designed to reduce the risk of fraud and prevent other losses in an organization?

Separation of duties

You require your ISP to keep your Internet connection up 99.999% of the time. In which document would this condition be placed?

Service Level Agreement

Which of the following attacks would using privacy filters masking help mitigate? Note: privacy filters are small pieces of plastic that go over computer screens that restrict the viewing angle to straight on.

Shoulder Surfing

Web-based email is classified under which of the following cloud-based technologies?

Software as a Service (SaaS)

Which of the following is a type of attack that occurs when an attacker pretends to be a legitimate client, using information it has gained from a legitimate client (like it's IP address).

Spoofing

Which remote access protocol, implemented almost exclusively by Cisco, is a central server providing remote access usernames that dial-up users can use for authentication.

TACACS+

Which of the following is an example of allowing another user physical access to a secured area without validation of their credentials?

Tailgating

What is the purpose of WEP (Wired Equivalent Privacy)?

To provide a WLAN (Wireless Local Area Network) with the same level of security as a wired LAN (Local Area Network)

If you wanted to connect two networks securely over the Internet, what type of technology could you use?

VPN

Which of the following security threats does shredding mitigate?

Dumpster Diving

What is the machine on which virtualization software is running known as?

Host

Which of the following is true about the CRL?

It should be kept public

What TCP port does Telnet use?

Port: 23

What is the size of the initialization vector (IV) that WEP uses for encryption?

24-bit

Which cloud delivery model has an infrastructure shared by several organizations with shared interests and common IT needs?

Community

A security administrator working for a health insurance company needs to protect customer data by installing an HVAC system and a mantrap in the datacenter. Which of the following are being addressed? (Select the best TWO answers).

Confidentiality, Availability

Which of the following Evaluation Assurance Levels (EAL) is the common security benchmark for commercial systems?

EAL4

Which of the following Evaluation Assurance Levels (EAL) specifies that the user wants assurance that the system will operate correctly, but threats to security are not viewed as serious?

EAL7

In order to ensure high availability of all critical servers, backups of the main datacenter are done in the middle of the night and then the backup tapes are taken to an offsite location. Which of the following would ensure the minimal amount of downtime in the case of a disaster?

Having the offsite location of tapes also be the hot site

Which of the following environmental controls would BEST be used to regulate cooling within a datacenter?

Hot and cold aisles

A ___________________ is a repair made while the system being repaired remains in operation.

Hotfix

Which of the following is NOT a routing protocol?

ICMP

IPv6, in addition to having more bits allocated or each host address, has mandatory requirements built in for which security protocol?

IPSec

Which of the following can a security administrator do to help protect against smurf attacks?

Install a Spam Filter

Which of the following will NOT contribute to network hardening?

Installing new anti-virus software on workstations

A security administrator with full administrative rights on the network is forced to temporarily take time off of their duties. Which of the following describes this form of access control?

Mandatory Vacation

Several staff members working in a datacenter have reported instances of tailgating. Which of the following could be implemented to prevent this security concern?

Mantraps

In a wireless network that uses WEP (Wired Equivalent Privacy) to provide wireless security, which of the following may authenticate to an access point?

Only users with the correct WEP key

Which encryption/security measure, originally developed by Netscape, is used to establish a secure, lower-layer communication connection between two TCP/IP-based machines?

SSL

Which fire extinguisher type is the best to be used on computer equipment in the case of a computer fire?

Type C

To prevent files from being copied on a workstation to removable media, you should disable which ports?

USB

Which of the following is NOT one of the cloud delivery models recognized by NIST?

Unlisted

A user receives an automated call which appears to be from their bank. The automated recording provides details about the bank's privacy policy, security policy and requests that the user clearly state their name, birthday and enter the banking details to validate the user's identity. Which of the following BEST describes this type of attack?

Vishing

In the Windows world, what tool is used to disable a port?

Windows Firewall

Which "X." standard defines certificate formats and fields for public keys?

X.509

Which of the following is NOT a component of Public Key Infrastructure (PKI)?

XA

A penetration test shows that almost all database servers were able to be compromised through a default database user account with the default password. Which of the following is MOST likely missing from the operational procedures?

Application Hardening

What kind of cryptographic method replaces one character with another from a "match-up list" to produce the ciphertext? The decoder wheels kids get in cereal boxes often make this kind of cryptography.

Substitution Cipher

Which of the following outlines those internal to the origination who have the ability to setup into positions when they open?

Succession Planning

Which of the following penetration testing types is performed by security professionals with no inside knowledge of the network?

Black Box

A security administrator with full administrative rights on the network is forced to change roles on a quarterly basis with another security administrator. Which of the following describes this form of access control?

Job Rotation

A security administrator has been receiving support tickets for unwanted windows appearing on user's workstations. Which of the following can the administrator implement to help prevent this from happening?

Pop-up Blockers

A security administrator wants to know which systems are more susceptible to an attack compared to other systems on the network. Which of the following assessment tools would be MOST effective?

Vulnerability Scanner

What is the term for restricting an application to a safe/restricted resource area?

Sandboxing

Which of the following is a method of capturing a virtual machine at a given point in time?

Snapshot

Which kind of security attack is a result of the trusting nature of human beings?

Social Engineering

Which of the following is NOT one of the three cloud service models recognized by the NIST?

XaaS

Which of the following threats corresponds with an attacker targeting specific employees of a company?

Spear phishing


Kaugnay na mga set ng pag-aaral

Ch 1 - The Science and Scope of Nutrition

View Set

Word Module 2: Creating a Research Page

View Set

5 - Benchmark Unidad 4 - El punto de vista del autor - Quizlet acumulativo

View Set