Domain 2: Architecture & Design
What is a set of software development tools called that can be installed as one unit and provides code frameworks or code snippets to help development go faster?
SDK (software development kit)
Which of the following does not or cannot produce a hash value of 128 bits?
SHA-1 (160 bits)
Mary wants to send a message to Sam in such a way that only Sam can read it. Which key should be used to encrypt the message?
Sam's public key (only Sam's private key which he has can decrypt the message)
Which of the following do Raspberry Pi systems make use of?
SoC (system on a chip)- integrated circuit that includes all components of a typical computer system, including digital, analog, mixed-signal, and radio frequency functions
Exploits vulnerabilities in a card's protocols or encryption methods
Software attacks
Which application development model approaches software development as a continuous, changing process with never-ending versions, bug fixes, and enhancements?
agile
Which of the following defines all the prerequisites a device must meet in order to access a network?
authentication
the process of validating a subject's identity. Authentication includes the identification process, the providing of input by the user to prove his or her identity, and the acceptance of that input as valid by the system.
authentication
What is the process of controlling access to resources such as computers, files, or printers called?
authorization
Which of the following applies the appropriate policies in order to provide a device with the access it's defined to receive?
authorization
granting or denying a subject's access to an object based on the level of permissions or the actions allowed on the object.
authorization
Which of the following fire extinguisher types is best used for the electrical fires that might result when working with computer components?
class C - Class C fire extinguishers use a gas (CO2 or Halon) to remove oxygen from a fire
process of digitally signing (encrypting) executables and scripts to confirm the software author and guarantee that the code has not been altered or corrupted since it was signed
code signing
the point where the number of false positives matches the number of false negatives in a biometric system.
crossover error rate
Which of the following is a direct integrity protection?
digital signature
You are performing a security test from the outside on a new application that has been deployed.
dynamic
Which of the following terms is used to describe an event in which a person who should be allowed access is denied access to a system?
false negative
software testing technique that exposes security problems by providing invalid, unexpected, or random data to the inputs of an application.
fuzz testing
Mary wants to send a message to Sam. She wants to digitally sign the message to prove that she sent it. Which key would Mary use to create the digital signature?
her private key
Which of the following are backed up during an incremental backup?
incremental backup
Which of the following can be used to stop piggybacking at a front entrance where employees should swipe smart cards to gain entry?
mantrap
When a sender encrypts a message using their own private key, which security service is being provided to the recipient?
non-repudation
Which protection does the private key-signing activity of this process provide?
non-repudiation
What needs to be configured on a firewall to allow traffic directed to the public resource in the DMZ?
packet filters
cards that only transmit the owner's identity
proximity cards
Which of the following is the first step in the Waterfall application development model?
requirements
How are digital signatures created? How are they decrypted?
senders private key; senders public key
Which type(s) of key(s) are used in symmetric cryptography?
shared key pair
Which kind of access control technology allows more than just the identity of an individual to be transmitted wirelessly to either allow or deny access?
smart card
You are creating a VLAN for voice over IP (VoIP). Which command should you use?
switchport voice vlan [number]
development model is the most widely used model. It is called this because each step is completed before the next step is begun. This way, each step flows to the next.
waterfall
How many keys are used with symmetric key cryptography?
1 (**both parties must possess the shared key)
A receiver wants to verify the integrity of a message received from a sender. A hashing value is contained within the digital signature of the sender. Which of the following must the receiver use to access the hashing value and verify the integrity of the transmission?
Sender's public key
A system failure has occurred. Which of the following restoration processes would result in the fastest restoration of all data to its most current state?
Restore the full backup and the last differential backup
MD5 and MD2
128 bits
How many keys are used with asymmetric (public key) cryptography?
2 (1 private, 1 public)
You have been asked to implement a RAID 5 solution for your network. What is the minimum number of hard disks that can be used to configure RAID 5?
3
Which of the following algorithms are used in symmetric encryption? (Select two.)
3DES Blowfish
Which of the following is an open-source hardware and software company that designs and manufactures single-board microcontrollers as well as kits to build digital devices?
Arduino
encryption = (CIA?)
Confidentiality
Hashing algorithms are used to perform which of the following activities?
Create a message digest.
Which of the following encryption mechanisms offers the least security because of weak keys?
DES** IDEA AES TwoFish
Which of the following is the LEAST reliable means of cleaning or purging media?
Degaussing ** Drive controller hardware-level formatting OS low-level formatting Overwriting every sector with alternating 1s and 0s
Which backup strategy backs up only files that have the archive bit set, but does not mark them as having been backed up?
Differential
A Faraday cage is used to prevent what from leaving an area?
Electromagnetic emissions
Deliberately induces malfunctions in a card
Fault generation
Which backup strategy backs up all files from a computer's file system, regardless of whether the file's archive bit is set or not, and then marks them as backed up?
Full
Which of the following is a message authentication code that allows a user to verify that a file or message is legitimate?
HMAC (hash-based authentication code)
hashing = (CIA?)
Integrity
Which of the following are true of Triple DES (3DES)?
Key length is 168 bits
Accesses the chip's surface directly to observe, manipulate, and interfere with a circuit
Microprobing
Which of the following are backed up during a differential backup?
Only files that have changed since the last full backup.
Which device is often employed by power companies to protect cabling infrastructure from having cables added or removed and to prevent emissions from being retrieved from the air?
PDS (protective distribution system)
Which of the following disk configurations might sustain losing two disks? (Select two.)
RAID 0+1 RAID 1+0
Which of the following drive configurations is fault tolerant?
RAID 5
Which of the following can be classified as a stream cipher?
RC4 (up to 256 bit key)
Which of the following algorithms are used in asymmetric encryption?
RSA Diffie-helman ECC
Which of the following serves real-time applications without buffer delays?
RTOS (real-time operating system)
Which of the following are methods for providing centralized authentication, authorization, and accounting for remote access? (Select two.)
TACACS+ RADIUS
Which of the following virtual devices provides packet filtering and monitoring?
VFA (virtual firewall appliance)
