FIS Exam 3
Which Intstitute of Electrical and Electronics Engineers (IEEE) standard covers wireless LANs?
802.11
Which information security objective allows trusted entities to endorse information?
Certification
Which type of cipher works by rearranging the characters in a message?
Transposition
The term "router" describes a device that connects two or more networks and selectively interchanges packets of data between them.
True
Val would like to isolate several systems belonging to the product development group from other systems on the network, without adding new hardware. What technology can she use?
Virtual LAN (VLAN)
Val would like to limit the websites that her users visit to those on an approved list of pre-cleared sites. What type of approach is Val advocating?
Whitelisting
What tool might be used by an attacker during the reconnaissance phase of an attack to glean information about domain registrations?
Whois
If someone sends you his public key and you import it into Kleopatra, will he be able to decrypt the encrypted messages you send him?
change the trust level
When the key is successfully created, which of the following options sends a copy of your private key to your computer?
make a backup of your key pair
When the key is successfully created, which of the following options lets you store your certificate on a public Internet server?
send certificate by Email
What protocol is responsible for assigning IP addresses to hosts on most networks?
Dynamic Host Configuration Protocol (DHCP)
What type of function generates the unique value that corresponds to the contents of a message and is used to create a digital signature
Hash
Yolanda would like to prevent attackers from using her network as a relay point for a smurf attack. What protocol should she block?
Internet Control Message Protocol (ICMP)
What is the certificate management component of GPG4Win?
Kleopatra
What federal agency is charged with the mission of promoting "U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life?"
National Institute of Standards and Technology (NIST)
When Patricia receives a message from Gary, she wants to be able to demonstrate to Sue that the message actually came from Gary. What goal of cryptography is Patricia attempting to achieve?
Nonrepudiation
Which approach to cryptography provides the strongest theoretical protection?
Quantum cryptography
What tool might be used by an attacker during the reconnaissance phase of an attack to glean information about domain registrations?
Remote Access Tool (RAT)
What type of publication is the primary working product of the Internet Engineering Task Force (IETF)?
Request for comment (RFC)
Which of the following allows valid SQL commands to run within a web form?
SQL Injection
The CEO of Kelly's company recently fell victim to an attack. The attackers sent the CEO an email informing him that his company was being sued and he needed to view a subpoena at a court website. When visiting the website, malicious code was downloaded onto the CEO's computer. What type of attack too place?
Spear phishing
What type of network device normally connects directly to endpoints and uses MAC-based filtering to limit traffic flows?
Switch
Which type of virus targets computer hardware and software startup functions?
System infector
Which of the following statements is true regarding asymmetrical encryption?
The receiver obtains the needed key from the sender or through a trusted third party, such as a certificate server
Web application developers and software developers are responsible for:
The secure coding and testing of their application.
Which of the following statements is true regarding symmetric cryptography?
The sender and receiver use the same key to encrypt and decrypt a given message
Which of the following becomes possible when a web form allows HTML or JavaScript code as valid input?
Cross-site scripting (XSS)
