TCN4081 Final
A preshared key (PSK) of fewer than _____ characters may be subject to an attack if that key is a common dictionary word.
20
The IEEE _____ standard specifies a maximum rated speed of 54 Mbps using the 5 GHz spectrum.
802.11a
_____ biometrics is related to the perception, thought processes, and understanding of the user.
Cognitive
A _____ is a U.S. Department of Defense (DoD) smart card that is used for identification for active-duty and reserve military personnel.
Common Access Card (CAC)
Which technique would prevent an attacker from China from logging into a user's account at 4:00 AM?
Computer footprinting
Which of the following is a vulnerability of MAC address filtering?
MAC addresses are initially exchanged between wireless devices and the AP in an unencrypted format.
In the _____ model, the end user cannot change any security settings.
Mandatory Access Control
Which of the following is not a reason why users create weak passwords?
Most sites force users to create weak passwords although they do not want to.
_____ uses lattice-based cryptography and may be more resistant to quantum computing attacks.
NTRUEncrypt
Which single sign-on (SSO) technology depends upon tokens?
OAuth
_____ is a decentralized open source FIM that does not require specific software to be installed on the desktop.
OpenID
Which of the following is NOT a flaw in standard operating systems?
Operating systems by default use the principle of least privilege.
Which technology should be used instead of LEAP?
PEAP
What is data called that is to be encrypted by inputting it into an encryption algorithm?
Plaintext
With the development of IEEE 802.1X port security, the authentication server _____ has seen even greater usage.
RADIUS
_____ is a hash that uses two different and independent parallel chains of computation, the results of which are then combined at the end of the process.
RIPEMD
Which of the following asymmetric cryptographic algorithms is the most secure?
RSA
Which of the following asymmetric encryption algorithms uses prime numbers? A. EFS
RSA
Which of the following attacks on passwords requires the attacker to have physical access to the computer to insert a USB flash drive?
Resetting
_____ is a protocol for securely accessing a remote computer.
Secure Shell (SSH)
Which of the following is not a basic security protection over information that cryptography can provide?
Stop loss
A(n) _____ is a set of permissions that is attached to an object.
access control list (ACL)
A user account that has not been accessed for a lengthy period of time is called a(n) _____ account.
dormant
Rule Based Access Control _____.
dynamically assigns roles to subjects based on rules
Hashing would not be used in which of the following examples?
encrypting and decrypting e-mail attachments
A token code is valid _______.
for as long as it appears on the device
A WEP key that is 128 bits in length _____.
has an initialization vector (IV) that is the same length as a WEP key of 64 bits.
A(n) _____ is not decrypted but is only used for comparison purposes.
hash
A user entering her user name would correspond to the _____ action in access control.
identification
Which of the following is not where keys can be stored?
in hashes
The areas of a file in which steganography can hide data include all of the following except ______.
in the directory structure of the file system
Which of the following is not found in a residential WLAN gateway?
intrusion detection system (IDS)
In the Mandatory Access Control (MAC) model, every subject and object _____.
is assigned a label
Public key infrastructure (PKI) ________.
is the management of digital certificates
The Microsoft Windows LAN Manager hash ______.
is weaker than NTLMv2
The primary weakness of wired equivalent privacy (WEP) is ________.
its usage creates a detectable pattern
The principle known as _____ in access control means that each user should only be given the minimal amount of privileges necessary for that person to perform their job function.
least privilege
A token system that requires the user to enter the code along with a PIN is called a _______.
multi-factor authentication system
Proving that a user sent an e-mail message is known as ______.
non-repudiation
A(n) _____ is the person responsible for the information and determines the level of security needed for the data and delegates security duties as required.
owner
Bluetooth falls under the category of _______.
personal area network (PAN)
A Bluetooth network that contains one master and at least one slave using the same RF channel forms a _______.
piconet
Symmetric cryptographic algorithms are also called ______.
private key cryptography
Separation of duties requires that _____.
processes should be divided between two or more individuals
The Trusted Platform Module (TPM) _____.
provides cryptographic services in hardware instead of software
The primary design of a(n) _____ is to capture the transmissions from legitimate users.
rogue access point
In order to ensure a secure cryptographic connection between a Web browser and a Web server, a(n) _____ digital certificate would be used.
server
Using one authentication credential to access multiple accounts or applications is known as _______.
single sign-on
Each of the following is an advantage of IEEE 802.11n except _______.
smaller coverage area
A process functioning on behalf of the user that attempts to access a file is known as a(n) _______.
subject
A RADIUS authentication server requires that the _____ be authenticated first.
supplicant
A digital certificate associates ________.
the user's identity with their public key
The ______ party trust model supports CA.
third
Digital certificates can be used for each of the following except ________.
to verify the authenticity of the Registration Authorizer
An operating system that is designed to be secure by controlling critical parts of it to limit access from attackers and administrators is a _______.
trusted OS
Each of the following is a step in creating a strong password except _______.
use a short password so the computer can process it more quickly
Each of the following is a limitation of turning off the SSID broadcast from an AP except _______.
users can more easily roam from one WLAN to another
A digital signature can provide each of the following benefits except ______.
verify the receiver
Which of the following human characteristics cannot be used for biometric identification?
weight
Each of the following is a type of authentication credential except _______.
what you discover
A centralized directory of digital certificates is called a(n) ________.
Certificate Repository (CR)
Which transport encryption algorithm is integrated as part of IPv6?
IPsec
The most flexible approach for a wireless VLAN is to have which device separate the packets?
AP
Which of the following is the strongest symmetric cryptographic algorithm?
Advanced Encryption Standard
If Bob wants to send a secure message to Alice using an asymmetric cryptographic algorithm, the key he uses to encrypt the message is _______.
Alice's public key
What is a hybrid attack?
An attack that slightly alters dictionary words
Which of the following is not part of the certificate life cycle?
Authorization
_____ is the unauthorized access of information from a wireless device through a Bluetooth connection.
Bluesnarfing
Each of the following is a field of an X.509 certificate except ________.
CA expiration code
An entity that issues digital certificates is a(n) ________.
Certificate Authority (CA)
The least restrictive access control model is _____.
Discretionary Access Control (DAC)
What is the Extensible Authentication Protocol (EAP)?
EAP is a framework for transporting authentication protocols.
A digital certificate that turns the address bar green is a(n) ________.
Extended Validation SSL Certificate
Which of the following is not a requirement for war driving?
GPS receiver
_____ is a Microsoft Windows feature that provides centralized management and configuration of computers and remote users who are using Active Directory.
Group Policy
What is the cryptographic transport protocol that is used most often to secure Web transactions?
HTTPS
Which of the following has an onboard key generator and key storage facility, accelerated symmetric and asymmetric encryption, and can back up sensitive material in encrypted form?
Hardware Security Module (HSM)
_____ encrypts a hash with a shared secret key.
Hashed Message Authentication Code (HMAC)
_____ in access control means that if a condition is not explicitly met then access is to be rejected.
Implicit deny
Which of the following is a protection provided by hashing?
Integrity
Why should the account lockout threshold not be set too low?
It could result in denial of service (DoS) attacks.
Each of the following is true regarding hierarchical trust models except ________.
It is designed for use on a large scale
_____ is an authentication protocol available as a free download that runs on Microsoft Windows 7/Vista, Windows Server 2008, Apple Mac OS X, and Linux.
Kerberos
_____ refers to a situation in which keys are managed by a third party, such as a trusted CA.
Key escrow
The version of the X.500 standard that runs on a personal computer over TCP/IP is _____.
LDAP
A(n) _____ constructs LDAP statements based on user inputs in order to retrieve information from the database or modify its contents.
LDAP injection attack
WPA replaces WEP with _____.
Temporal Key Integrity Protocol (TKIP)
Each of the following is a type of wireless AP probe except ________.
WNIC probe
AES-CCMP is the encryption protocol standard used in ________.
WPA2
The two models for personal wireless security developed by the Wi-Fi Alliance are Wi-Fi Protected Access (WPA) and _____.
Wi-Fi Protected Access 2 (WPA2)
Dual-sided digital certificates ________.
are used in military and financial settings when it is necessary for the client to authenticate back to the server.
Public-Key Cryptography Standards (PKCS) ________.
are widely accepted in the industry
Keystroke dynamics is an example of _____ biometrics.
behavioral
A(n) _____ is a published set of rules that govern the operation of a PKI.
certificate policy (CP)
Each of the following is a characteristic of a secure hash algorithm except _______.
collisions should be rare
Creating a pattern of when and from where a user accesses a remote Web account is an example of ________.
computer footprinting
A disadvantage of biometric readers is _______.
cost
The individual who periodically reviews security settings and maintains records of access by users is called the _____.
custodian
Each of the following makes up the AAA elements in network security except _______.
determining user need (analyzing)
The strongest technology that would assure Alice that Bob is the sender of a message is a(n) ________.
digital certificate