Exam 3 Security

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

Which of the following would you find on a CPS

A declaration of security that the organization is implementing for all certificates

What is a PKI

A hierarchy of computers for issuing certificates

Which of the following best describes the content of the CRL

A list of all revoked certificates

What type of key or keys are used in symmetric cryptography

A shared private key

Which of the following best describes high amplifications when applied to hashing algorithms

A small change in the message results in a big change in the hash value.

Which of the following is a policy that defines appropriate activities and usage for company resources, assets, and communications

Acceptable use policy

Components within your server room are failing at rapid pace. You discover that the humidity in the server room is at 60% and the temperature is at 80 degrees. What should you do the help reduce problems

Add a separate A/C unit in the server room

A private key has been stolen. What action should be taken to deal with this crisis

Add the digital certificate to the CRL

Which of the following conditions does not result in a certificate being added to the certificate revocation list

Certificate expiration

You have been asked to draft a document related to evidence gathering that contains details about personnel in possession and control of evidence from the time of discovery up through the time of presentation in court. What type of document is this

Chain of custody

What is the most important element related to evidence in addition to the evidence itself

Chain of custody document

Which of the following fire extinguishers types is best for electrical fires that might result when working with computer components

Class C

A service level agreement (SLA) defines the relationship between, and the contractual responsibilities of providers and recipients of service. Which of the following characteristics are most important when designing an SLA (Select two)

Clear and detailed description of penalties if the level of service is not provided. Detailed provider responsibilities for continuity and disaster recovery mechanisms.

A code of ethics provides for all but which of the following

Clearly defines course of action to take when a complex issue is encountered.

Which of the following network strategies connects multiple servers together such that if one server fails, the others immediately take over its tasks, preventing a disruption in service

Clustering

Which of the following is a recovery site that may have electricity connected, but there are no servers installed and no high-speed data lines present

Cold site

When two different messages produce the same hash value, what has occurred

Collision

By definition, which security concept ensures that only authorized parties can access data

Confidentiality

You create a new document and save it to a hard drive on a file server on your company's network. Then, you employ an encryption tool to encrypt the file using AES. This activity is an example of accomplishing what security goal

Confidentiality

You manage the website for your company. The website uses clusters of two servers with a single shared storage device. The shared storage device uses a RAID 1 configuration. Each server has a single connection to the shared storage, and a single connection to your ISP. You want to provide redundancy such that a failure in a single component does not cause the website to be unavailable. What should you add to your configuration to accomplish this

Connect one server through a different ISP to the Internet.

You have recently discovered that a network attack has compromised your database server. In the process, customer credit card numbers might have been taken by the attacker. You have stopped the attack and put measures in place to prevent the same incident from occurring in the future. What else might you be legally required to do

Contact your customer to let them know of the security breach

How can a criminal investigator ensure the integrity of a removable media device found while collecting evidence

Create a checksum using a hashing algorithm

You want to store your computer-generated audits logs in case they are needed in the future examination or to be used as evidence in the event of a security incident. Which method can you use to ensure that the logs you put in storage have not been altered when you go to use them in the future

Create a hash of each log.

Which of the following functions are performed by the TPM

Create a hash of system components

Hashing algorithms are use to perform what activity

Create a message digest

Which of the following algorithms are used in asymmetric encryption (Select two.)

Diffie-Hellman, RSA

Which of the following is a direct protection of integrity

Digital signature

What is the most obvious means of providing non-repudiation in a cryptography system

Digital signatures

On your way into the back entrance of the building at work one morning, a man dressed as a plumber ask you to let him in so he can "fix the restroom." What should you do

Direct him to the front entrance and to check in with the receptionist.

When informing an employee that they are being terminated, what is the most important activity

Disabling their network access

During a recent site survey, you find a rouge wireless access point on your network. Which of the following actions should you take first to protect your network, while still preserving evidence

Disconnect the access point from the network

If maintaining confidentiality is of the utmost importance to your organization, which is the best response when an intruder is detected on your network

Disconnect the intruder

You manage the website for your company. The Web 1 server hosts the website. This server has the following configuration:..........Which component is a single point of failure for the website

Disk Controller

When conducting a forensic investigation, and assuming that the attack has been stopped, which of the following actions should you perform first

Document what's on screen

Which of the following security measures encrypts the entire contents of a hard drive

Drive Lock

Which of the following is the employment of two separate key pairs in order to separate the security functions of confidentiality and integrity in a communication system

Dual key pair

Which of the following protocols are most likely used with digital signatures (Select two.)

ECC, RSA

Which of the following security would prevent a user from reading a file which she did not create

EFS

Which of the following statements about ESD is not correct

ESD is more likely to occur when the relative humidity is above 50%

IPSec is implemented through two separate protocols. What are these protocols called (Select two.)

ESP, AH

Which of the following is not part of security awareness training

Employee agreement documents.

You want to implement BitLocker to encrypt data on a hard disk even if it is moved to another system. You want the system to boot automatically without providing a startup key on an external USB device. What should you do

Enable the TPM in the BIOS

Which IPSec sub protocol provides data encryption

Encapsulating Security Payload (ESP)

Which of the following is not a valid example of steganography

Encrypting a data file with an encryption key

Dumpster diving is a low-tech mean of gathering information that may be useful in gaining unauthorized access, or as a starting point for more advanced attacks. How can a company reduce the risk associated with dumpster diving

Establish and enforce a document destruction policy

Which of the following is not used to oversee and/or improve the security performance of employees

Exit interviews

Which backup strategy backsup all files from a computer's file system regardless of whether the file's archive bit is set or not and marks them as having been backed up

Full

What is the main function of a TPM hardware chip

Generate and store cryptographic keys

You organization uses the following tape rotation strategy for its backup tapes: 1. The first set of tapes is used for daily backups 2. At the end of each week, the latest daily backup tape is promoted to be the weekly backup tape 3. At the end of the each month, one of the weekly backup tapes is promoted to be the monthly backup tape. What kind of backup ration strategy is being used

Grandfather

Which protocol is used for securely browsing a Web site

HTTPS

Which of the following fire extinguisher types poses a safety risk to users in the area (Select tow)

Halon, C02

Which of the following is used to verify that a downloaded file has not been altered

Hash

Which method can be use to verify that a bit-level image copy of a hard drive is an exact clone of the original hard drive collected as evidence

Hashing

Which of the following is a common form of social engineering attack

Hoax virus information e-mails.

You have been asked to deploy a network solution that requires an alternate location where operational recovery is provided within minutes of a disaster. Which of the following strategies would you choose

Hot site

Which of the following is the best countermeasure against man-in-the-middle attacks

IPSec

Which of the following network layer protocols provides authentication and encryption services of IP based network traffic

IPSec

Which of the following can be used to encrypt Web, e-mail, telnet, file transfer, and SNMP traffic

IPSec (Internet protocol security)

To obtain a digital certificate and participate in a Public Key Infrastructure (PKI), what must be submitted and where should it be submitted

Identify data and a certification request to the registration authority (RA)

Which of the following is not a form of social engineering

Impersonating a user by logging on with stolen credentials

You want to protect data on hard drives for users with laptops. You want to drive to be encrypted, and you want to prevent the laptops from booting unless a special USB drive is inserted. In addition, the system should not boot if a change is detected in any of the boot files. What should you do

Implement BitLocker with a TPM

When should a hardware device be replaced in order to minimize downtime

Just before it's a MTBF is reached

You are concerned that if a private key is lost, all documents encrypted using your private key will be inaccessible. Which service should you use to solve this problem

Key escrow

Which of the following is not true concerning symmetric key cryptography

Key management is easy when implemented on a large scale.

What is the most common failure of a security policy in an environment

Lack of user awareness

When returning to the rebuilt primary site, the salvage team will restore or return what process first.

Least business-critical

The chain of custody is used for what purposes

Listing people coming into contact with evidence

Which of the following is the weakest hashing algorithm

MD-5

What is the primary goal of business continuity planning

Maintaining business operations with reduced or restricted infrastructure capabilities or resources

You manage the network for your company. You have recently discovered information on a computer hard drive that might indicate evidence of illegal activity. You want to perform forensic activates on the disk to see what kind of information it contains. What should you do first

Make a bit-level copy of the disk

You walk by the server room and notice a fire has started. What should you do first

Make sure everyone has cleared the area.

Mary wants to send a message to Sam. She wants to digitally sign the message to prove that she sent it. Which key would Mary use to create the digital signature

Mary's private key

When a recovery is being performed due to a disaster, what services are to be stabilized first

Mission critical

You used BitLocker to encrypt the hard drive of a laptop. The laptop stores the startup key in the TPM, and a PIN is also required to start the system. Because of a hardware failure, the system will not boot. You want to gain access to the data on the hard drive. What should you do

Move the hard drive to another system. Use the recovery key to unlock the disk.

If an organization shows sufficient due care, which burden is eliminated in the event of a security breach

Negligence

By definition, which security concept uses the ability to prove that a sender sent an encrypted message

Non-repudiation

When a sender encrypts a message using their own private key, what security service is being provided to the recipient

Non-repudiation

You have a Web server that will be used for secure transactions for customers who access the Web site over the Internet. The Web server requires a certificate to support SSL. Which method would you use to get a certificate for the server

Obtain a certificate from a public PKI

How many keys are used with symmetric key cryptography

One

What is the primary difference between impersonating and masquerading

One is more active, the other is more passive

Which of the following encryption methods combines a random value with the plaintext to produce the cipher text

One-time pad

What technology was developed to help improve the efficiency and reliability of checking the validity status of certificates in large complex environments

Online Certificate Status Protocol

Which of the following are backed up during a differential backup

Only file that have changed since the last full backup.

Which of the following are backed up during an incremental backup

Only files that have changed since the last full or incremental backup.

A disaster recovery plan should include all but which of the following

Penetration testing

The disaster recovery plan calls for having tape backups stored at a different location. The location is a safe deposit box at the local back. Because of this, the disaster recovery plan specifies to choose a method that uses the fewest tapes, but is also quick to back up and restore files. Which backup strategy would best meet the disaster recovery plan for tape backups

Perform a full backup once a week with a differential backup the other days of the week.

You have discovered a computer that is connected to your network that was used for an attack. You have disconnected the computer form the network to isolate it from the network and stop the attack. What should you do next

Perform a memory dump

Which of the following is a form of attack that tricks victims into providing confidential information, such as identity information or logon credentials, through e-mails or Web sites that impersonate an online entity that the victim trusts, such as a financial institution or well known e-commerce site

Phishing

You maintain the network for an industrial manufacturing company. You are concerned about the dust in the area into server components and affecting the availability of the network. Which of the following should you implement

Positive pressure system

To prevent server downtime, which of the following components should be installed redundantly in a server system

Power supply

Above all else, what must be protect to maintain the security and benefit of a asymmetric cryptographic solution, especially if it is widely used for digital certificates

Private keys

Which of the following algorithms are used in symmetric encryption (Select three.)

Blowfish, AES, 3DES

In business continuity planning, what is the primary focus of the scope

Business processes

Besides protecting a computer from under voltages, typical UPS also performs which two actions

Protects from over voltages, Conditions the power signal

Which of the following is the best countermeasure for man-in-the-middle attacks

Public Key Infrastructure (PKI)

How can organization help prevent social engineering attacks (Select two)

Publish and enforce clearly-written security polices, Educate employees on the risk and countermeasures

How can an organization help prevent social engineering attacks (Select two)

Publish and enforce clearly-written security policies, Educate employees on the risk and countermeasures

Which of the following disk configurations can sustain a loss of any two disks

RAID 1+0

Which of the following drive configuration is fault tolerant

RAID 5

What is an advantage of RAID 5 over RAID 1

RAID 5 improves performance over RAID 1

Which of the following protocols can TLS for key exchange (Select two.)

RSA, Diffie- Hellman

The immediate preservation of evidence is paramount when conducting a forensic analysis. Which of the following actions is most likely to destroy critical evidence

Rebooting the system

Which form of alternate site is the cheapest but my not allow an organization to recover before reaching their maximum tolerable downtime

Reciprocal agreement

Which of the following identifies someone who can retrieve private keys from storage

Recovery agent

You have lost the private key that you have used to encrypt files. You need to get a copy of the private key to open some encrypted files. Who should you contact

Recovery agent

Who is responsible for performing the steps of the business continuity plan or disaster recovery plain in the event of an emergency

Recovery team

What is the primary security feature that can be designed into a network's infrastructure to protect and support availability

Redundancy

Which of the following is an entity that accepts and validates information contained within a request for certificate

Registration authority

Even if you perform regular backups, what must be done to ensure that you are protected against data loss

Regularly test restoration procedures

A system failure has occurred. Which of the following restoration process would result in the fastest restoration of all data t its most current state

Restore the full backup and the last differential backup.

In the certificate authority trust model known as hierarchy, where does trust start

Root CA

Which of the following is the strongest hashing algorithm

SHA-1

Telnet is inherently insecure its communications is in plain text and easily intercepted. Which of the following is an acceptable alternative to Telnet

SSH

Which of the following protocols can be used to securely manage a network device from a remote connection

SSH

Which protocol does HTTPS use to offer greater security in Web transactions

SSL

You are purchasing a hard disk over the Internet from an online retailer. What does your browser use to ensure the other cannot see your credit card number on the Internet

SSL

You want to allow traveling users to connect to your private network through the Internet. Users will connect from various locations including airports, hotels, and public access points such as coffee shops and libraries. As such, you won't be able to configure the firewalls that might be controlling access to the Internet in these locations.

SSL

Which of the following protocols are often added to other protocols to provide secure transmission of data

SSL, TLS

Mary wants to send a message to Sam so the only Sam can read it. Which key would be used to encrypt the message

Sam's public key

Which type of media preparation is sufficient for media that will be reused in a different security context within your organization

Sanitization

You have purchased new computers and will be disposing of your old computers. Instead of recycling the computers, you decide to resell them through a local liquidator. Computers were previously not used for storing sensitive information. What should you do prior to getting rid of the computers

Sanitize the hard drives

Which of the following is not an example of a service level agreement

Security policy design

A receiver wants to verify the integrity of a message received from a sender. A hashing value is contained within the digital signature of the sender. What must the receiver use to access the hashing value to the verify the integrity of the transmission

Sender's public key

Which of the following technologies is based upon SSL (Secure Socket Layer)

TLS (Transport Layer Security)

Which of the following are typically associated with human resource security policies (Select two)

Termination, Background checks

An SSL client has determined that the Certificate Authority (CA) issuing a server's certificate is on its list of trusted CAs. What is the next step in verifying the server's identity

The CA's public key must validate the CA's digital signature on the server certificate

What is the primary purpose of forcing employees to take mandatory on-week minimum vacations every-year

To check for evidence of fraud

Why should backup media be stored offsite

To prevent the same disaster from affecting the both network and the backup media.

What is the purpose of key escrow

To provide a means to recover from a lost private key

Which of the following defines a method for one CA hierarchy to accept certificates issued by another CA hierarchy

Trusted model

Which aspect of certificates makes them a reliable and useful mechanism for providing the identity of a person, system, or service on the Internet

Trusted third-party

How many keys are used with asymmetric or public key cryptography

Two

When a cryptographic system is used to protect confidentiality of data, what is actually protected

Unauthorized users are prevented from viewing or accessing the resource.

What is the most effective means of improving or enforcing security in any environment

User awareness training

Which of the following items are contained in a digital certificate

Validity period, public key

You have just received a generic-looking e-mail that is addressed as coming from the administrator of your company. The e-mail says that as part of a system upgrade, you are to go to a Web site and enter your username and password at a new Web site so you can manage your e-mail and spam using new services. What should you do

Verify that e-mail was sent by the administrator and that this new service is legitimate.

Which of the following social engineering attacks use Voice over IP (VoIP) to gain sensitive information

Vishing

If your mission critical services have a maximum tolerable downtime (MTD) (or a recovery time objective (RTO)) of 36 hours, what would be the optimum form of recovery site you should choose

Warm

Daily backups are done at the ABD company location and only a weekly backup is maintained at another network location. Which of the following disaster recovery strategies is ABD using

Warm site

You manage a Web site for your company. The Web site three servers configured in a cluster. Incoming requests are distributed automatically between the three servers. All servers use a shared storage device that holds the website contents. Each server has a single network connection and a single power supply. Considering the availability of your website, which component represents a single point of failure

Website storage

A senior executive reports that she received a suspicious email concerning a sensitive, internal project that is behind productions. The email is sent from someone she doesn't know and he is asking for immediate clarification on several of project's detail so the project can get back on schedule. What type of an attack best describes the scenario

Whaling

You have just downloaded a file. You create a hash of the file and compare it to the hash posted on the Web site. The two hashes match. What do you know about the file

Your copy is the same as the copy posted on the website.

Your network performs a full back every night. Each Sunday, the previous night's backup tape is archived. Wednesday morning the storage system fails. How many restore operations will you need to perform to recover all the data

1

The session keys employed by SSL (Secure Socket Layer) are available in what bit lengths

128 bit and 40 bit

Your network uses the following backup strategy: Full backup every Sunday night, Differential backup Monday through Saturday nights. Thursday morning the storage system fails. How many restore operations will you need to perform to recover all the data

2

You have been asked to implement a RAID 5 solution for RAID 5 solution for your network. What is the minimum number of hard disks that can be used to configure RAID 5

3

Your network uses the following backup strategy: full backup every Sunday night, Incremental backups Monday through Saturday nights. Thursday morning the storage system fails. How many restore operations will you need to perform to recover all the data

4

What is the recommended humidity level for a server rooms

50%

You want to encrypt data on a removable storage device. Which encryption method would you choose to use the strongest method possible

AES

Which of the following defines an acceptable use agreement

An agreement which identifies the employees rights to use company property such as Internet access and computer equipment for personal use.

A PKI is a method for managing which type of encryption

Asymmetric

Which of the follow are characteristics of ECC (Select two.)

Asymmetric encryption, Uses a finite set of values within an algebraic field.

Which of the following statements is true when comparing symmetric and asymmetric cryptography

Asymmetric key cryptography is used to distribute symmetric keys.

To increase your ability to recover from a disaster, where should you store backup tapes

At the vice president's home

What is the primary countermeasure to social engineering

Awareness

What does a differential backup do during the backup

Back up all files with the archive bit set; does not reset the archive bit

After an intrusion has occurred and the intruder has been removed from the system, which of the following is the best next step or action to take

Back up all logs and audits regarding the incident

Which of the following is an important aspect of evidence gathering

Backing up all log files and audit trails

What does an incremental backup do during the backup

Backs up all file with the archived bit set; resets the archive bit.

When duplicating a drive for forensic investigation purposes, which of the following copying methods is most appropriate

Bit-level cloning

You want a security solution that protects the entire hard drive, preventing access even when it is moved to another system. Which solution would you choose

BitLocker

In what form of key management solution is key recovery possible

Centralized

Certificates can be invalidated by the trusted third-party that originally issued the certificate. What is the name of the mechanism that is used to distribute information about invalid certificates

CRL

Which of the following generates the key pair used in asymmetric cryptography

CSP

Which of the following fire extinguisher suppressant types is best use for electrical fires that might result when working with computer components

Carbon dioxide (CO2)

You're responsible for implementing network cabling in a new Gigabit Ethernet network installation. The cabling will be installed in a manufacturing environment where there is a great deal of electromagnetic interference (EMI). Which type of cabling would operate best in this environment (Choose two.)

Category 5 shielded twisted pair cable, Fiber-optic cable

What s the primary function of the IKE protocol use with IPSec

Create a security association between communicating partners

Which of the following is used for secure exchange of symmetric encryption keys

Diffie-Hellaman

Which of the following is the weakest symmetric encryption method

DES

You have a computer with three hard disks.............Disk 2 fails. Which of the following is true

Data on the RAID 1 volume is accessible; data on the RAID 0 volume is not.

Which backup strategy backs up only files which have the archive bit set, but does not mark them as having backed up

Differential

As you are helping a user with a computer problem you notice that she has written her password on a note stuck to her computer monitor. You check the password policy of your company and find that the following settings are currently required: ...........Which of the following is best action to take to make remember passwords easier so that she no longer has to write the password down

Implement end-user training

Over the last month you have noticed a significant increase in the occurrence of inappropriate activities performed by employees. What is the best first response step to take in order to improve or maintain the security level of the environment

Improve and hold new awareness sessions

Which of the following activities assigns a security level to different types of data

Information classification

Users are complaining that sometimes network communications are slow. You use a protocol analyzer and find that packets are being corrupted as they pass through a switch. You also notice that this only seems to happen when the elevator is running. What should you do

Install shielded cables near the elevator

Your company system is a participant in an asymmetric cryptography system. You've crafted a message to be sent another user. Before transmission, you hash the message, then encrypt the hashing using your private key. You then attach this encrypted hash to your message as a digital signature before sending it to the other user. In this example, what protection does the hashing activity provide

Integrity

Which of the following is defined as a contract which prescribes the technical support or business parameters that a provider will bestow to its clients

Service level agreement

Which of the following are examples of social engineering (Select two)

Shoulder surfing, Dumpster diving

You have a set of DVD-RW discs that have been used to archive files for your latest development project. You need to dispose of the discs. Which of the following methods should you use to best prevent extracting data from the discs

Shredding

Of the following cables, which offer the best protection against EMI

Single mode fiber optic cable

When developing the totality of security policy documentation, what type of document will contain instructions or information on remaining compliance with regulations and industry standards

Standards

What is the cryptography mechanism which hides secret communications within various forms of data

Steganography

Which of the following is the least effective power loss protection for computer systems

Surge protector

When protection of the content of a message is required, which of the following cryptography solution should be employed

Symmetric encryption

What form of cryptography is best suited for bulk encryption because it is so fast

Symmetric key cryptography

Certificate revocation should occur under all but which of the following conditions

The certificate owner has held the certificate beyond the established lifetime timer

What action is taken when the private key associated with a digital certificate becomes compromised

The certification is revoked and added to the Certificate Revocation List

Which of the following would require that a certificate be placed on the CRL

The private key is compromised.


Ensembles d'études connexes

Principles of Management Final Study Guide

View Set

Advanced Networking Exam 2 (pt.2)

View Set

Pharmacological and Parenteral Therapies Part 1

View Set

Examining the Elements of Argument in The Declaration of Independence: Mastery Test

View Set

Characteristics of a Free Market Economy.

View Set

Step 3 - Compile Study Materials Quiz (100%)

View Set

Chapter 2-9: Structures of Photosynthesis

View Set

Chapter 13 operations management

View Set