Security+ DCOM 258
Which of the following ranges comprise the well-known ports category?
0-1023
Your network uses the following subnet mask: 255.255.255.224. Which of the following IPv4 addresses are able to communicate with each other?
10.36.36.184 10.36.36.166
Which port does Remote Desktop Services use?
3389
To use the Lightweight Directory Access Protocol (LDAP) in a secure fashion, what port should be used?
636
What is the most common port used when connecting an Internet Explorer browser to a proxy server for use with HTTP connections?
80
Which standard is a software extension of Switch Port Security?
802.1X
What port does Kerberos use by default?
88
This type of attack attempts to spoof a MAC address thereby allowing a Man in the Middle or DoS attack.
ARP Poisoning
Which of the following is described as "when a person's identity is confirmed or verified through the use of a specific system"?
Authentication
Which of the following does the "A" in "CIA" stand for when relating to IT security?
Availability
Which of the following is placed in an application by programmers either knowingly or inadvertently to bypass normal authentication?
Backdoor
Which of the following methods of malware delivery is used in computer programs to bypass normal authentication?
Backdoor
Which of the following is an example of whole disk encryption?
BitLocker
An attacker takes advantage of a vulnerability in programming that allows the attacker to copy more than 16 bytes to a standard 16 byte variable. What attack is being initiated?
Buffer Overflow
James doesn't want people to see where he browsed to on the Internet. What is a good way to clear his Internet browsing history?
Check mark the Empty Temporary Internet Files Folder When the Browser Is Closed check box.
All are types of physical security except:
Concrete Barriers
Which of the following is the greatest risk for removable storage?
Confidentiality of Data
Which of the following is used to house FTP servers, mail servers, and web servers so that people on the Internet can access them but cannot access any other of the organization's servers?
DMZ
You are the security administrator for your organization. You want to ensure the confidentiality of data on mobile devices. What is the best solution?
Device Encryption
A MAC flood is when a person accesses a single port of a switch that was not physically secured.
False
A NIDS can inspect traffic and possibly remove, detain, or redirect malicious traffic.
False
A honeypot is a device that caches information for hackers.
False
A smart card is an example of something a user knows.
False
Active interception is the act of exploiting a bug or design flaw in software.
False
ActiveX controls can run on any browser platform.
False
Attenuation typically occurs with copper connections, but rarely occurs with fiber connections.
False
Fiber-optic cable is susceptible to data emanations.
False
Least privilege is a concept that denies all traffic to a resource unless the user is specifically granted access to that resource.
False
NAT filtering accepts or rejects packets based on rules.
False
One example of PaaS is a Gmail email account.
False
One way to protect a WAN is to place all the computers behind a router.
False
Opening mail relays can decrease the amount of spam that an organization receives on its e-mail server.
False
Port 53 is used for DHCP.
False
Social engineering includes viruses, worms, and Trojan horses.
False
The love bug is an example of a rootkit.
False
The net stop command disables services in Windows.
False
The network 10.0.0.0 is a Class B private IP network.
False
To accept fewer cookies, you would add them to the Restricted Sites zone.
False
To open the Local Group Policy Editor console window, a user should type MMC in the Run prompt.
False
Viruses self-replicate whereas worms do not.
False
WPA2 has a typical key size of 128 bits.
False
When a network security device experiences a system failure, it is best for it to default to a "Fail / Open" state.
False
Which of the following occurs when an IDS identifies legitimate activity as something malicious?
False-Positive
Which of the following should be your primary line of defense?
Firewall
Alice has detected an intrusion into her company network. What should she check first?
Firewall Logs
Which type of hacker has no affiliation with an organization and hacks systems without malicious intent, yet may still be doing something illegal?
Gray Hat
By an overwhelming percentage, most security / data breaches are caused by:
Human Error/Negligence
Which of the following devices should you use to keep machines behind it anonymous?
IP Proxy
Of the following, which can be a security benefit when using virtualization?
If a virtual machine is compromised, the adverse effects can be compartmentalized.
Which of the following is likely to be the last rule contained within the ACLs of a firewall?
Implicit Deny
Which of the following would protect against an attacker entering malicious code into a web form?
Input Validation
For information security, what is the I in CIA?
Integrity
Which of the following can run on any platform?
Java Applets
Which of the following uses a two-way authentication system known as mutual authentication?
Kerberos
Which of the following are commonly used in VPN tunneling protocols?
L2TP PPTP
What is a malicious attack that executes at the same time every week?
Logic Bomb
Which of the following are virtualization software types?
Microsoft Virtual PC Microsoft Virtual Server VMware
Which of the following is the best file system to use in Windows?
NTFS
Tom sends out many e-mails containing secure information to other companies. What concept should be implemented to prove that Tom did indeed send the e-mails?
Nonrepudiation
Which of the following is not a good strategy for securing a WAP?
Place it in a Faraday cage
Which of the following is the act of exploiting a bug or design flaw in a software or firmware application to gain access to resources that normally would be protected from an application or user?
Privilege Escalation
Which of the following is not a denial-of-service attack?
Replay Attack
An example of authorization with "something you are" would be?
Retina Pattern
What does isolation mode on an AP provide?
Segments each wireless user from every other wireless user
Which of the following can best be described as the exploitation of a computer session in an attempt to gain unauthorized access to data?
Session Hijacking
Which attack type uses ICMP messages to create a DoS attack?
Smurf
This is a group of standards that investigates and recommends security and technical policies regarding the electrical and magnetic emissions from electronic and mechanical devices.
TEMPEST
Which of the following is the phase of the SDLC where a system is checked thoroughly for bugs?
Testing
What is baselining?
The process of measuring changes in networking devices, hardware, and software.
One of the biggest problems with BYOD is
There is virtually no security control over the software / hardware.
Which is not a type of Social Engineering?
Trojan
A DMZ is a special area of the network accessed by clients on the Internet.
True
A RAT is an example of a Trojan horse.
True
A false positive is when a system authenticates a user who should not be allowed to access that system.
True
A master computer controls a botnet.
True
A proxy server acts as a go-between of a client computer's web browser and the web server.
True
A service pack is a group of updates, bug fixes, updated drivers, and security fixes.
True
By checking CVEs you can keep informed of the latest attacks to web servers.
True
Crosstalk is when a signal transmitted on one copper wire creates an unwanted effect on another wire; the signal "bleeds" over, so to speak.
True
DAC is an access control policy generally determined by the owner.
True
Default accounts often have weak passwords.
True
EMI is a disturbance that can affect electrical circuits, devices, and cables due to electromagnetic conduction or radiation.
True
Encryption, authentication, and anti-malware are all ways to protect against malicious threats.
True
FTP uses ports 20 and 21.
True
HTTPS uses port 443.
True
In information security the three main goals are known as Confidentiality, Integrity, and Availability.
True
Malware is software designed to infiltrate a computer system without the user's consent.
True
Most antimalware / virus software is signature based.
True
Separation of duties is when more than one person is required to complete a task.
True
The second step in a patch management strategy is testing.
True
The systeminfo command shows a list of hot fixes that have been installed to the operating system.
True
To change permissions on a file in Linux, you would use the chmod command.
True
UAC keeps every user in standard mode instead of in administrator mode by default.
True
Which of the following should you implement to keep a well-maintained computer?
Update the firewall. Update the BIOS. Use a surge protector.
Which of the following is not an example of good FTP server security?
Use port 21
You have been tasked with segmenting internal traffic between layer 2 devices on the LAN. Which of the following network design elements would most likely be used?
VLAN
The act of splitting the wires of a twisted-pair cable connection would be an example of which of the following?
Wiretapping
Which of the following is an example of a personal software firewall?
ZoneAlarm
Which commands disable a service in the command line?
sc config
Which command lists the hotfixes installed to Windows?
systeminfo