Security+ Final
What type of filtering software divides email messages that have been received into two piles, spam and non-spam, and then analyzes every word in each email and determines how frequently a word occurs in the spam pile compared to the non-spam pile? Blacklist filtering Whitelist filtering Bayesian filtering Extension filtering
Bayesian filtering
Which of the following selections is not one of the features provided by a typical MDM? Rapidly deploy new mobile devices Discover devices accessing enterprise systems Track stolen devices Enforce encryption settings
Track stolen devices
A TOTP changes after a set period. True/False
True
A disaster recovery plan is developed for restoring the IT functions and services to their former state. True/False
True
Assessing risk should include testing of technology assets to identify any vulnerabilities. True/False
True
Authentication, authorization, and accounting are sometimes called AAA. True/False
True
Brute force attacks can be very slow because every character combination must be generated. True/False
True
In the production stage the application is released to be used in its actual setting. True/False
True
Infrared light is next to the visible light on the light spectrum. True/False
True
Least privilege in access control means that only the minimum amount of privileges necessary to perform a job or function should be allocated. True/False
True
A Wi-Fi enabled microSD card is an example of what type of device? PCIe mobile card SDIO Secure Digital
mobile card
Select the vulnerability scan type that will use only the available information to hypothesize the status of the vulnerability. intrusive passive non-intrusive active
non-intrusive
The action that is taken by a subject over an object is called a(n): control access operation authorization
operation
A secret combination of letters, numbers, and/or characters that only the user should have knowledge of, is known as a: biometric detail password token challenge
password
If a penetration tester has gained access to a network and then tries to move around inside the network to other resources, what procedure is the tester performing? spinning pivot secondary exploitation persistence
pivot
If a user uses the operating system's "delete" command to erase data, what type of data removal procedure was used? degaussing wiping data sanitation purging
purging
What type of risk calculation uses an "educated guess" based on observation? quantitative risk calculation environmental risk calculation qualitative risk calculation observational risk calculation
qualitative risk calculation
The use of what item below involves the creation of a large pre-generated data set of candidate digests? word list rainbow tables cascade tables randomized character list
rainbow tables
What term can be described as a function of threats, consequences of those threats, and the resulting vulnerabilities? threat mitigation risk management
risk
Which of the following accounts is a user account that is created explicitly to provide a security context for services running on a server? system account privileged account shared account service account
service account
What kind of biometrics utilizes a person's unique physical characteristics for authentication, such as fingerprints or unique characteristics of a person's face? physical biometrics cognitive biometrics standard biometrics reactive biometrics
standard biometrics
Which threat category affects the long-term goals of the organization? operational compliance strategic managerial
strategic
A snapshot of the current state of a computer that contains all current settings and data is known as what option below: system standard system image system baseline system view
system image
The goal of what type of threat evaluation is to better understand who the attackers are, why they attack, and what types of attacks might occur? threat modeling threat mitigation threat profiling risk modeling
threat modeling
What is another term used for a security weakness? risk vulnerability opportunity threat
vulnerability
Which scan examines the current security, using a passive method? application scan vulnerability scan system scan threat scan
vulnerability scan
A location that has all the equipment installed but does not have active Internet or telecommunications facilities, and does not have current backups of data, is an example of a: spare site hot site warm site cold site
warm site
Which application development life-cycle model uses a sequential design process? agile linear waterfall serial
waterfall
Which of the following are considered to be part of a typical OS security configuration? (Choose all that apply.) -Disabling unnecessary ports and services -Employing least functionality -Password auditing -Disabling default accounts/passwords
-Disabling unnecessary ports and services -Employing least functionality -Password auditing
What is an entry in an ACL known as? ACE SQL flag DACL
ACE
Which enterprise deployment model requires employees to choose from a selection of company owned and approved devices? BYOD COPE VDI CYOD
COPE
Which access control model is considered to be the least restrictive? Rule Based Access Control Mandatory Access Control Discretionary Access Control Role Based Access Control
Discretionary Access Control
What framework is used for transporting authentication protocols instead of the authentication protocol itself? SAML CHAP MS-CHAP EAP
EAP
A legal stop order is a notification sent from the legal team to employees instructing them not to delete electronically stored information or paper documents that may be relevant to the incident. True/False
False
A retina scanner has become the most common type of standard biometrics. True/False
False
A subject's privilege over an object should follow the principle of least privilege. True/False
False
ACLs provide file system security for protecting files managed by the user. True/False
False
Distributive allocation refers to "eliminating" the risk. True/False
False
The BIOS was software that was integrated into the computer's motherboard. True/False
False
The greatest asset of a mobile device is its security. True/False
False
What type of technology can add geographical identification data to media such as digital photos taken on a mobile device? GPS locating GeoData tagging GPS marking GPS tagging
GPS tagging
Select the option that represents a wearable technology. Android iPhone Google Chromebook Google Glass
Google Glass
What type of planning do many enterprises participate in that addresses a future event or circumstance that might possibly occur but cannot be predicted with any certainty? contingency system evaluation IT disaster planning IT contingency planning disaster recovery scenario
IT contingency planning
What describes an agreement between two or more parties and demonstrates a "convergence of will" between the parties so that they can work together? MOU NDA BPA ISA
MOU
How could an administrator initially manage applications on mobile devices using a technique called "app wrapping?" Mobile Application Management Extended Application Management Remote Application Management Cloud Application Management
Mobile Application Management
What connection technology allows a mobile device with a USB connection to act as either a host or a peripheral used for external media access? OTG COPE OTA VDI
OTG
Although designed to support remote dial-in access to a corporate network, what service below is commonly used with 802.1x port security for both wired and wireless LANs? ICMP RADIUS FTP Telnet
RADIUS
Which of the following is a system of hard drives based on redundancy and used for increased reliability and performance? ESD MTBF RAID RPO
RAID
Which access control model can dynamically assign roles to subjects based on a set of defined rules? Mandatory Access Control Discretionary Access Control Role Based Access Control Rule Based Access Control
Rule Based Access Control
Realistically, risks can never be entirely eliminated. True/False
True
Static program analyzers are tools that examine the software without actually executing the program; instead, the source code is reviewed and analyzed. True/False
True
TCP/IP uses a numeric value as an identifier to the applications and services on these systems. True/False
True
The transmission time needed to repeat a signal from one earth station to another is approximately 250 milliseconds. True/False
True
What security goal do the following common controls address: redundancy, fault tolerance, and patching? safety integrity availability confidentiality
availability
The process of identifying exposure to threats, creating preventive and recovery procedures, and then testing them to determine if they are sufficient, is known as: business management planning enterprise disaster planning business continuity planning disaster planning
business continuity planning
When a company needs to identify mission-critical business functions and quantify the impact a loss of such functions may have on the organization in terms of its operational and financial position, what should be performed? business impact analysis business alert assessment business productivity analysis business risk analysis
business impact analysis
Which of the following is an AV heuristic monitoring technique? code emulation environment scanning code monitoring OS simulation
code emulation
Which type of biometrics is based on the perception, thought process, and understanding of the user? cognitive biometrics reactive biometrics standard biometrics physical biometrics
cognitive biometrics
Using technology to search for computer evidence of a crime in order to retrieve information, even if it has been altered or erased, that can be used in pursuit of an attacker or criminal is an example of: penetration testing vulnerability testing computer forensics risk management
computer forensics
Which management system is used to support the creation and subsequent editing and modification of digital content by multiple employees? extended management content management remote management application management
content management
What process addresses how long data must be kept and how it is to be secured? legal retention data methodology data retention legal and compliance
data retention
What control is designed to identify any threat that has reached the system? preventive control compensating control detective control deterrent control
detective control
Which term below describes the time it takes for a key to be pressed and then released? react time lead time sync time dwell time
dwell time
Which of the following is caused by a short-duration burst of energy by the source? Faraday interference electromagnetic interference electromagnetic pulse electrostatic discharge
electromagnetic interference
What type of storage is used on mobile devices? volatile memory ROM RAM flash memory
flash memory
What specific type of authentication can be based on where the user is located? GPS somewhere locating geocache geolocation
geolocation
Which of the following controls can be implemented so an organization can configure multiple computers by setting a single policy for enforcement? role-based access control computer-based access control system access control group-based access control
group-based access control
A collection of suggestions that should be implemented is referred to as a: security policy baseline guideline security procedure
guideline
Which AV approach uses a variety of techniques to spot the characteristics of a virus instead of attempting to make matches? heuristic monitoring pattern detection hybrid monitoring combination detection
heuristic monitoring
What is the name for a framework and corresponding functions required to enable incident response and incident handling within an organization? incident reporting incident management incident handling incident planning
incident management