Security + SY0-401_Class

Pataasin ang iyong marka sa homework at exams ngayon gamit ang Quizwiz!

Which security standard is used to encrypt e-mails?

S/MIME

Which of the following is a hashing algorithm?

SHA

A domain server is valued at $2,500 and there are is an anticipated 2.5% chance of the domain server needing to be replaced in a given year. Calculate the ALE: ALE = SLE * ARO

$62.50

Which of the following is the most common hashing algorithm used for web based digital certificates?

SHA-2

Which of the following cloud computing solutions will deliver software applications to a client either over Internet or on a local area network?

SaaS

What is the term for restricting an application to a safe/restricted memory area?

Sandboxing

which type of cloud delivery models is offered to all users?

Public Cloud

Which of the following is the second highest classification level in the government (according to the course text)?

Secret

Which of the following is the term for an area in a building where access is individually monitored and controlled?

Security Zone

How many bits are used for addressing with IPv6?

128

What TCP port does SSH use?

22

Which port does non-encrypted LDAP use?

389

Which of the following is NOT an asymmetric encryption algorithm?

3DES

Computer room humidity should ideally be kept at what percent?

50

Which remote access protocol, implemented almost exclusively by Cisco, is a central server providing remote access usernames that dial-up users can use for authentication?

TACACS+

Which U.S. regulation dictates the standards for storage, use, and transmission of personal medical information?

HIPAA

The process of reducing the attack surface of a host system by keeping the OS updated, closing unused ports, and only running necessary services is called?

Hardening

Which of the following 802.11 standards is often referenced as WPA2?

802.11i

Which of the following 802.11 protocols has the fastest transmission speed?

802.11n

WPA utilizes which technology to fix the security weakness with WEP?

TKIP

Which of the following is an example of two-factor authentication?

A fingerprint and a password

Which of the following is the strongest form of multi-factor authentication?

A password, biometric scan, and a token device

Which of the following is a security concern regarding virtualization?

A successful attack on the hypervisor could provide root-level access to all virtual machines on the host system

Which of the following statements is true?

A virus requires a user action to propagate and infect other host systems

Which encryption algorithm is utilized by WPA II and based on Rijndael?

AES

The FTP protocol functions at which layer of the TCP/IP model?

Application

Which of the following is NOT a goal of information security?

Archival

Establishing a standard for security and using it to verify the security configuration of a host is called which of the following?

Baselining

Which of the following security device uses some biological characteristic of human beings to uniquely identify a person for authentication?

Biometric

What term below is used to describe an attack that sends unsolicited messages to Bluetooth enabled devices?

Bluejacking

A Bluetooth attack in which the attacker accesses unauthorized information from a wireless device using a Bluetooth connection, is known as?

Bluesnarfing

Which certificate authority (CA) trust model is best suited to provide flexibility and interoperability between different organizations?

Bridge Trust Model

Which method of attack against a password happens when an attacker tries many different combinations of alphanumeric characters until successful?

Brute force

A programmer that fails to check the length of input before processing leaves the code vulnerable to what form of common attack?

Buffer overflow

Due to the private key being compromised, a digital certificate must must be revoked so it is never used again. What is often used to revoke a certificate?

CRL

How can an administrator force wireless clients to use a standard web browser to provide information, and require a user to agree to a use policy or present valid login credentials?

Captive portal access point

Which of the following is primarily subject to an SQL injection attack?

Database servers

Which of the following can be used to stop piggybacking that has been occurring at a front entrance where employees should swipe their smart cards to gain entry?

Deploy a mantrap

You have a worker who is about to take a 6 month maternity leave. How should you handle her user account?

Disabled, regardless of the circumstances

You are the administrator of a website that is hosted on a server under your control. You suddenly notice a spike in CPU and RAM utilization and thousands of half-open connections (3-way handshake not completed). What type of attack are you most likely experiencing?

DoS

Your company is getting rid of old 1GB USB flash drives that contain sensitive data. What is the proper method of disposing of this type of storage media?

Drilling a hole into the flash memory component of the USB drives and then discarding them

Servers or computers that have two NIC cards, each connected to separate networks, are known as what type of computers?

Dual-homed

Which of the following Evaluation Assurance Levels (EAL) is the common security benchmark for commercial systems?

EAL 4

Which of the following is generally an immediate and urgent security update for software?

Hotfix

Which of the following statements about electrostatic discharge (ESD) is not correct?

ESD is much more likely to occur when the relative humidity is above 50%

Which of the following is an advantage of using virtualization?

Easy migration of virtual machines to different hardware systems

Which of the following is a solution that addresses physical security?

Escort visitors at all times

Which of the following dictates that educational institutions may not release information to unauthorized parties without the express permission of the student?

FERPA

Which of the following is used to provide EMI & RFI shielding for an entire room of computer or electronic equipment (also used to prevent eavesdropping)?

Faraday cage

Which of the following devices are the first line of defense for networks connected to the Internet?

Firewalls

Separation of duties polices are designed to reduce the risk of what?

Fraud

A small company had a hard drive go down on an important server and the backup must be utilized to restore the data. Restoring the backup will require the most recent full backup along with the backup that has all changes since the last full. This backup method continues to backup files once the file has been initially modified because it does not clear the archive bit. Which type of backup method is being utilized?

Full with differential

A software company is testing a new application by providing unexpected values as input to try and make it crash. Which of the following answers best describes this technique?

Fuzzing

Which of the following prohibits banks from releasing information to nonaffiliated third parties without permission?

Gramm-Leach-Bliley Act

What are the virtual machines (VMs) called that reside on a computer?

Guests

IPv6 has mandatory requirements built-in for which security protocol?

IPSec

Which type of policy determines if information is secret, top-secret, or public?

Information classification policies

A company decides that a network administrator and a database administrator should exchange positions one week every month in order to allow more oversight over each others position. Which of the following is this an example of?

Job Rotation

Which authentication method uses a Key Distribution Center (KDC)?

Kerberos

When assigning permissions to users, which principle should you adhere to?

Least privilege

An End User License Agreement (EULA) for software would typically be considered what classification of information?

Limited Distribution

Which of the following is a passive method of threat response?

Logging the event

Which access control model is a static model that uses predefined access privileges for resources that are assigned by the administrator?

MAC

Which of the following logs is not automatically generated in Windows Event Viewer?

Msconfig

You desire a product that has the ability to detect a distributed denial of service attack on your network and take an action to stop the attack. Which type of product does this describe?

NIPS

Which U.S. government agency is responsible for creating and breaking codes?

NSA

Which of the following Microsoft file systems allows native encryption of folders and files?

NTFS

The Certificate Revocation List (CRL) takes time to be fully disseminated. Which protocol allows a certificate's authenticity to be immediately verified?

OCSP

Which of the following is the least likely to improve host security?

Only implement Internet Explorer as a web browser

Whether or not your server operating system can force the change of a password is considered what kind of a security issue?

Operational

Which EAP protocol creates an encrypted channel between the client authentication server and the client, and can uses Microsoft Windows logins and passwords?

PEAP

Which PKCS standard is the standard for password-based cryptography?

PKCS #5

Which of the following remote access protocol should not be selected for a WAN VPN connection due to lack of security features?

PPP

Which of the following best describes the Platform as a Service (PaaS) cloud computing service model?

PaaS delivers everything a developer needs to build an application onto the cloud infrastructure.

Which of the following types of firewalls will pass or block packets based on their application or TCP port number.

Packet filter

On the outer edge of physical security is the first barrier to entry. This barrier is known as which of the following?

Perimeter

Locking the door(s) to the server room involves what kind of security?

Physical

As you browse the Internet, you notice that when you go to some sites, multiple additional windows are opened automatically. Many of these windows contain advertisements for products that are inappropriate for your family to view. Which tool can you implement to prevent these windows from showing?

Pop-up blocker

In a PKI environment, which entity is typically used to identify an individual for certificate issue?

RA

Which RAID array provides no fault tolerance?

RAID 0

Which of the following RAID levels is for disk striping that then gets mirrored? It is also called a mirror of stripes.

RAID 0+1

Which access control method model grants rights or privileges based on their job function or position held?

RBAC

What is the primary type of database used in applications today?

Relational

A digital file containg a comany's proprietary processes and strategic information would be classified as which of the following?

Restricted

Which type of virus attacks or bypasses the antivirus software installed on a computer?

Retrovirus

Which of the following is a type of attack that occurs when an attacker pretends to be a legitimate client, using information it has gained from a legitimate client (like it's IP address).

Spoofing

Which answer choices is correct as it relates to the following: It deals with specific issues or aspects of a business. It is derived from policies. IT should provide enough detail that an audit can be performed to determine whether it is being met.

Standard

What kind of cryptographic method replaces one character with another from a "match-up list" to produce the ciphertext?

Substitution cipher

Which of the following is an internal threat?

System Failure

Which of the following is the name assigned to a chip that can store cryptographic keys, passwords, or certificates and is often used for whole disk encryption?

TPM

Which of the following is a best practice as it relates to operating system updates?

Test the update first on computers in a non-production environment prior to rolling the update out to your production computers

You have taken out an insurance policy on your data/systems to share some of the risk with another entity. What type of risk strategy is this?

Transference

Which fire extinguisher type is the best to be used on computer equipment in the case of a computer fire?

Type C

Which hypervisor model needs the operating system to be up and cannot boot until it is?

Type II

Recently, a Web site named www.vidshare.com has become extremely popular with users around the world. An attacker registers the following domain names: www.videoshare.com www.vidsshare.com What type of attack has occurred in this scenario?

Typosquatting

Which of the following is NOT one of the cloud delivery models recognized by NIST?

Unlisted

If you wanted to connect two private networks securely over the Internet, what type of technology could you use?

VPN

Which protocol is used by cell phones to enable access to the Internet to view web pages in a format where the web page is properly formatted on a small screen?

WAP

What technology is targeted more at the consumer rather than the enterprise and is used to simplify wireless network setup by pushing a button on the wireless router and then the end user types in a PIN code?

WPS

What is the name given to targeting a significant person in a business such as the CEO with a social engineering attack?

Whaling

A list of applications approved for use on your network would be known as which of the following?

Whitelist

In Windows, what tool is most commonly used to disable a port?

Windows Firewall

Which "X." standard defines certificate formats and fields for public keys?

X. 509

Which of the following is not a component of Public Key Infrastructure (PKI)?

XA

Which of the following is an attack that is possible because user input is not validated and malicious scripts are injected into Web pages to redirect users to another website that may infect the visitor with malware when the web page is downloaded by the browser to the web client?

XSS

Which of the following is NOT one of the three cloud service models recognized by the NIST?

XaaS

Which of the following answer choices correctly describes a false positive?

You are alerted to a security situation when you should not have been

What is the name of a computer that is infected with Malware and under the control of a bot herder?

Zombie

What type of access point is configured by an attacker in such a manner that it mimics an authorized access point?

evil twin

In TCP/IP parlance, any computer or device with an IP address on a TCP/IP network is known as a(n):

host

Which of the following is NOT a tunneling protocol?

SLIP

Which of the followingis a slang term for unwanted commercial e-mail?

SPAM

Which encryption protocol below is used in the WPA2 standard?

AES

Which of the following symmetric encryption types is the primary current standard used by U.S. governmental agencies?

AES

Which of the following is a policy that defines appropriate activities and usage for company resources, assets, and communications?

Acceptable Use Policy

Which of the following is an advantage of SSO (Single Sign-on)?

Access to all authorized resources with a single instance of authentication

Which of the following indicates a current ongoing problem that needs to be investigated right away?

Alarm

Individuals who specialize in the making of codes are known as which of the following?

Cryptographers

When your servers become too busy on your network, you can offload traffic to resources from a cloud provider. This is known as which of the following?

Cloud bursting

Which of the following is not true regarding cloud computing?

Cloud computing requires end-user knowledge of the physical location and configuration of the system that delivers the services.

What type of systems utilize parallel processing which improves performance and availability and adds redundancy?

Clustered

What is the name of a site that is a location a company can move into if there is a disaster at their primary location but the site does not have a computer network or backups?

Cold site

Which access control method model allows the owner of a resource to grant privileges to information they own?

DAC

Which software security system monitors the contents of hosts to make sure key content is not deleted or removed?

Data Loss Prevention

You desire a software product that will monitor a server and detect abnormal conditions such as services starting that are not part of the baseline configuration. You want the software product to send you an alert if it detects an abnormal condition but not take an action. Which type of product does this describe?

HIDS

Which is the name for a host device that is intentionally placed on the network to lure attackers?

Honeypot

In order to run "sniffer" software properly, the NIC in the computer running the software must be set to which of the following?

Promiscuous Mode

Which command should you use to learn the IP address of a Windows based machine?

ipconfig

Which type of risk strategy is undertaken when you attempt to reduce the risk?

mitigation

An access point that is unauthorized and allows an attacker to bypass network security configurations is considered to be what type of access point?

rogue

Which kind of security attack is a result of the trusting nature of human beings?

social engineering

Which of the following is a system designed to fool attackers into thinking a system is unsecured so they will attack it. Then the "victim" will learn their attack methods without compromising a live system?

Honey Pot

Which of the following is the term used to describes data from different customers residing on separate virtual machines that are on the same physical machine with a cloud based provider?

Hypervisor and Multitenancy


Kaugnay na mga set ng pag-aaral

Skills Lesson: Gathering and Evaluating Sources

View Set

PSYCH 104 - Ch 9 TEST - Means One-Sample and Two-Independent-Sample t Tests

View Set

Biology A: Preparing for Test Unit 3

View Set