IS 323 Final Stone

A surge is a short transient in the voltage that can be due to a short circuit or power outage.

False

A system can easily be completely secure.

False

Active interception is the act of exploiting a bug or design flaw in software.

False

ActiveX controls can run on any browser platform.

False

Alt+F8 is the key combination that closes pop-up windows.

False

An IP proxy serves client requests by caching HTTP information.

False

An SNMP agent is software run on a server to monitor the network.

False

An example of a Windows firewall is iptables.

False

Qualitative risk assessment measures risk by using exact monetary values

False

RAID 1 is known as striping with parity.

False

RFI is a disturbance that can affect electrical circuits, devices, and cables due to electromagnetic conduction or radiation.

False

Redundant power supplies can help in the case of a brownout.

False

SDLC is an acronym for Security Development Life Cycle.

False

SNMP uses port 143.

False

Six characters or more constitutes a strong password.

False

Steganography uses a certificate authority to manage keys.

False

Syslog uses port 161.

False

The convert command converts an NTFS drive to FAT32.

False

The net stop command disables services in Windows.

False

The network 10.0.0.0 is a Class B private IP network.

False

To accept fewer cookies, you would add them to the Restricted Sites zone.

False

To open the Local Group Policy Editor console window, a user should type MMC at the Run prompt.

False

To turn off services, you would access the Programs and Features section of the Control Panel.

False

Viruses self-replicate whereas worms do not.

False

WPA2 has a typical key size of 128 bits.

False

A summary of a file or message best describes which of the following?

Hash

Which of the following is a near duplicate of the original site of the organization?

Hot Site

Which of the following will back up only the contents of a folder that have changed since the last full backup or the last incremental backup?

INcremental backup

Which of the following devices should you use to keep machines behind it anonymous? (Select the best answer.)

IP Proxy

Which of the following is used to secure L2TP sessions?

IPsec

When conducting a risk assessment, which of the following should you do after identifying threats and threat likelihood? (Select the two best answers.)

Identify a potential monetary impact. Identify the impact assessment.

Of the following, which can be a security benefit when using virtualization?

If a virtual machine is compromised, the adverse effects can be compartmentalized.

Which of the following is an example of spyware?

Internet Optimizer

Which of the following can run on any platform?

Java applets

Which of the following uses a two-way authentication system known as mutual authentication?

Kerberos

Which of the following is best described as when certificate keys are held in the case that third parties such as government or other organizations need access to encrypted communications?

Key Escrow

Lattice-based access control is an example of what type of access control policy?

MAC

Which of the following is an access control policy determined by a computer system and not by a user or owner?

MAC

Which of the following is the most secure form of authentication?

MS-CHAP v2

Which of the following is when two or more types of authentication are used when dealing with access control?

Multifactor authentication

Which type of firewall filter can match incoming traffic to the corresponding outbound IP address connection by way of IP address and port?

NAT filtering

Snort and Bro are examples of which of the following?

NIDS

Which of the following can detect malicious packets and discard them?

NIPS

Which of the following is the best file system to use in Windows?

NTFS

Which of the following is based off of the MD5 hash?

NTLMv2

Which of the following is the newest and strongest Windows hash?

NTLMv2

Which of the following is a vulnerability assessment tool?

Nessus

In which of the following Windows locations would you turn off file sharing?

Network and Sharing Center

Which of the following is an inline device that checks all packets?

Network intrusion detection system

Tom sends out many e-mails containing secure information to other companies. What concept should be implemented to prove that Tom did indeed send the e-mails?

Nonrepudiation

In a discretionary access control model, who is in charge of setting permissions to a resource?

Owner of the resource

Which of the following can be defined as the loss of value in dollars based on a single incident?

SLE

Which of the following cloud computing services would be in use if an organization were using Gmail?

SaaS

You are setting up auditing on a Windows computer. If set up properly, which log should have entries?

Security Log

Which of the following is not an example of a default hidden share?

Security$

Which of the following can best be described as the exploitation of a computer session in an attempt to gain unauthorized access to data?

Session Hijacking

Which of the following is the most basic form of IDS?

Signature-based

Which type of certificate is most commonly used by communications sessions?

Single-sided Certificate

Which of the following scenarios would not use a PKI?

Symmetric key algorithms

Which command lists the hotfixes installed to Windows?

Systeminfo

Which of the following remote authentication methods was developed by Cisco?

TACACS+

Which of the following is the phase of the SDLC where a system is checked thoroughly for bugs?

Testing

What do hackers use malicious port scanning to accomplish?

The "fingerprint" of the operating system

Circuit-level gateways work at the session layer of the OSI model.

True

Cisco created a proprietary version of EAP called LEAP.

True

Crosstalk is when a signal transmitted on one copper wire creates an unwanted effect on another wire; the signal "bleeds" over, so to speak.

True

Cryptography is the practice and study of hiding the meaning of a message.

True

DAC is an access control policy generally determined by the owner.

True

Data emanation occurs most commonly on coaxial cable.

True

Default accounts often have weak passwords.

True

Encryption, authentication, and anti-malware are all ways to protect against malicious threats.

True

Failure-resistant disk systems protect against data loss due to disk failure. An example of this would be RAID 1 mirroring.

True

Fiber-optic cable is not susceptible to data emanations.

True

Flashing is a term that describes the updating of the BIOS.

True

Full control is a type of NTFS permission that might be enabled within an access control list.

True

Full device encryption is one way of protecting a mobile device's data if the device is stolen.

True

Hardening is the act of configuring an OS securely, updating it, and removing unnecessary applications.

True

Honeynets are one or more computers or servers used to counteract attempts at unauthorized access to a network.

True

Identity proofing is an initial validation of an identity

True

If a child folder is inheriting its permissions from a parent folder, it could be said that the parent is propagating those permissions to the child.

True

If a key pair is generated at a local computer, it is considered to be decentralized.

True

In information security, the three core principles are known as confidentiality, integrity, and availability.

True

In the case of theft, the two best ways to protect against the loss of confidential or sensitive information are encryption and a remote wipe program.

True

In the five steps of vulnerability management, prioritizing vulnerabilities should happen before mitigation of vulnerabilities.

True

Individuals who hack into systems at an organization's request, but are not employed by the organization are known as blue hats.

True

Input validation is a process that ensures the correct usage of data.

True

Locally shared objects (LSOs), also called Flash cookies, collect information about users' browsing habits.

True

Malware is software designed to infiltrate a computer system without the user's consent.

True

Most certificates are based on the X.509 standard.

True

NAT filtering matches incoming traffic to corresponding outbound IP connections by matching the IP address and port.

True

NAT is sometimes also known as IP masquerading.

True

NMAP is a type of vulnerability scanner.

True

Network access control (NAC) sets rules by which network connections are governed.

True

PKIs manage, store, and revoke digital certificates.

True

Personal firewalls are applications that protect an individual computer from unwanted Internet traffic

True

Port 88 is used by Kerberos.

True

Public key cryptography uses asymmetric keys alone or in addition to symmetric keys.

True

RADIUS uses port 1812.

True

RAID 0+1 combines the advantages of RAID 0 and RAID 1.

True

RCE is when an attacker takes control of a server from a remote location using shell code.

True

Ransomware holds a user's files for ransom by encrypting them.

True

Risk management can be defined as the identification, assessment, and prioritization of risks.

True

Security monitoring can be augmented by using a SIEM solution.

True

Separation of duties is when more than one person is required to complete a task.

True

Social engineering includes viruses, worms, and Trojan horses.

True

Storage DLP systems are typically installed in data centers or server rooms as software that inspects data at rest.

True

Subnetting increases security by compartmentalizing a network.

True

Symmetric key algorithms are a type of cipher that uses a single key, identical keys, or closely related keys.

True

Symmetric key algorithms require a secure initial exchange of one or more secret keys.

True

The concept of least functionality is when an organization configures computers and other information systems to provide only the essential functions.

True

The second step in a patch management strategy is testing.

True

The systeminfo command displays the version number, build number, and the patch level of the operating system.

True

The ultimate goal of risk management is to reduce all risk to a level acceptable to the organization.

True

To change permissions on a file in Linux, you would use the chmod command.

True

To make changes to Microsoft Edge or Internet Explorer policies that correspond to an OU, you need a domain controller.

True

UAC keeps every user in standard mode instead of in administrator mode by default.

True

WEP is deprecated; it should be replaced with a more secure protocol such as WPA2.

True

What device should be used to ensure that a server does not shut down when there is a power outage?

UPS

Which of the following keeps every user in a standard user mode instead of as an administrator, even if the user is a member of the administrators group?

USer Account Control

Which of the following can help to prevent spam? (Select the two best answers.)

Use a spam filter. Close open mail relays.

Which of the following is not an example of good FTP server security?

Use port 20.

Which of the following is NOT a common safeguard for Microsoft Excel?

Using a digital certificate

Of the following, what are two good ways to protect the computer? (Select the two best answers.)

Verify that the guest account is disabled. Rename and password protect the administrator account.

What is the best option to use to isolate an operating system?

Virtualization software

Which type of hacker has no affiliation with an organization, yet will hack systems without malicious intent?

grey hat

Where would a NIDS sit on a network? (Select the best answer.)

inline

Which of the following would protect against an attacker entering malicious code into a web form?

input validation

For information security, what is the I in CIA?

integrity

Which of the following should be used to filter out activities such as instant messaging?

internet content filter

Which of the following commands can be used to turn off a service?

net stop

Which of the following commands enables you to synchronize a client's time to a domain controller?

net time

Which of the following types of encryption can encrypt plaintext with a secret random key that is the same length as the plaintext?

one-time pad

Which of the following would not be considered part of a disaster recovery plan?

patch management software

Which command disables a service in the command line?

sc config

Of the following, what are three ways to increase the security of Microsoft Outlook? (Select the three best answers.)

-Password protect .PST files. -Increase the junk e-mail security level. -Install the latest Office update or service pack.

Which of the following are asymmetric encryption algorithms? (Select the two best answers.)

-RSA -Diffie-Hellman

What are two ways of discouraging bluesnarfing? (Select the two best answers.)

-Select a pairing key that is not easy to guess. -Set the device to undiscoverable.

Which of the following are examples of penetration testing methods? (Select the two best answers.)

-The Open Source Security Testing Methodology Manual -NIST penetration testing

In a signature-based monitoring environment, network traffic is analyzed for predetermined attack patterns.

true

Which of the following cable types can be susceptible to crosstalk? (Select the two best answers.)

-Twisted-pair -Coaxial

Which of the following are ways to help defend against distributed denial-of-service attacks? (Select the three best answers.)

-Update firewalls. -Use intrusion prevention systems. -Use a "clean pipe."

Which of the following should be included in a password to make it complex? (Select the three best answers.)

-Uppercase letters -Numbers -Special characters

Which of the following can help to secure the BIOS of a computer? (Select the two best answers.)

-Use a case lock. -Use a BIOS supervisor password.

Which of the following should you implement to keep a well-maintained computer? (Select the three best answers.)

-Use a surge protector. - Update the BIOS and/or UEFI. - Update the firewall.

Which of the following ways can help secure a modem? (Select the two best answers.)

-Use the callback feature. -Use strong passwords.

Which of the following questions should you take into account when securing log files? (Select the two best answers.)

-Were the log files encrypted and hashed? -Are the logs stored in multiple locations?

Which of the following are examples of protocol analyzers? (Select the two best answers.)

-Wireshark

Which of the following should be done to maintain and harden a hard disk? (Select the two best answers.)

-defragment the drive -Consider a whole disk encryption

Which of the following should you include as general browser security practices? (Select the two best answers.)

-use a proxy server -train your users

Which of the following port numbers is used by the Character Generator (CHARGEN)?

19

Which port does Remote Desktop Protocol use?

3389

Within the birthday paradox, what is the probability that two people have the same birth date within a group of 23 people?

50 Percent

To use the Lightweight Directory Access Protocol (LDAP) in a secure fashion, what port should be used?

636

A client computer uses the IP address 10.254.254.189. It has made a connection to a web server by opening the outbound port 1589. The server uses the IP address 65.19.28.154. You want to filter out any HTTP packets coming from the server. Which IP address and port should you specify to be filtered on the firewall?

65.19.28.154:80

What is the most common port used when connecting an Internet Explorer browser to a proxy server for use with HTTP connections?

80

Timothy complains about a lot of pop-up windows when he uses Internet Explorer. Which key combination should you tell him to use to close the pop-up windows?

Alt+F4

Which of the following is described as "when a person's identity is confirmed or verified through the use of a specific system"?

Authentication

Which of the following does the "A" in "CIA" stand for when relating to IT security? (Select the best answer.)

Availability

You are contracted to conduct a forensic analysis of a computer. What should you do first?

Back Up the system

Which of the following is placed in an application by programmers either knowingly or inadvertently to bypass normal authentication?

Backdoor

Which of the following methods of malware delivery is used in computer programs to bypass normal authentication?

Backdoor

Which of the following is an example of whole disk encryption?

BitLocker

Which of the following refers to the unauthorized access of information from a wireless device through a Bluetooth connection?

Bluesnarfing

How can Internet Explorer be centrally managed for several computers?

By way of a Group Policy

Your boss wants you to make changes to 20 computers' Internet Explorer programs. To do this quickly, what is the best solution?

Create and use a template.

What key combination helps to secure the logon process?

Ctrl+Alt+Del

A honeypot is a device that caches information for hackers.

False

A portable gas engine generator is the best solution for a company that wants a permanently installed generator.

False

Which of the following are examples of virtualization? (Select the three best answers.)

-Hyper-v -virtualBox -VMware Workstation

Which of the following are commonly used in VPN tunneling protocols? (Select the two best answers.)

-PPTP -L2TP

Which of the following is a common encryption standard used today and can work with a 256-bit block size?

AES

Which of the following is the amount of times per year that a specific incident occurs?

ARO

A smart card is an example of something a user knows.

False

You are installing a video monitoring system for your organization. You do not want any outside people to view the video. What is the best solution?

CCTV

What is a certificate added to when it is considered to be no longer valid?

CRL

Which of the following will have tables, chairs, restrooms, and possibly some basic phone, data, and electric lines?

Cold site

Which of the following might include syntax errors in the code and type-checking errors?

Compile-time error

Which of the following is the greatest risk for removable storage?

Confidentiality of data

A stream cipher is a type of algorithm that encrypts a group of bits collectively as individual units known as blocks.

False

Which of the following is used to house FTP servers, mail servers, and web servers so that people on the Internet can access them but cannot access any other of the organization's servers?

DMZ

Which of the following should be modified because it is weak by default?

Default Account

When conducting an audit, what should be done after risk has been scanned for, analyzed, and calculated?

Develop a plan to mitigate risk.

Which of the following is when a prearranged list of likely words is attempted one at a time?

Dictionary Attack

A person complains that he cannot see any events in the Event Viewer. Which of the following questions should you not ask the person?

Did you reboot your computer?

Which of the following backs up only the contents of a folder that have changed since the last full backup?

Differential backup

Which of the following encryption algorithms is based on the structure of an elliptic curve?

ECC

Which of the following is not an example of good cloud security?

Eight-character passwords

Which of the following is not part of the three-step auditing process?

Evaluating the system log

Which of the following is NOT a typical symptom of a virus?

Excessive pop-up windows appear.

Which of the following is also known as "high-availability clusters"?

Failover Clusters

A MAC flood is when a person accesses a single port of a switch that was not physically secured.

False

A NIDS can inspect traffic and possibly remove, detain, or redirect malicious traffic.

False

A broadcast storm is when the TCP/IP handshake has been compromised.

False

An intranet enables multiple companies to access a secure area of a company's network.

False

Anomaly-based monitoring uses predetermined attack patterns.

False

Authorization is when a person is in a state of being identified.

False

Behavior-based monitoring establishes a performance baseline based on a set of normal network traffic evaluations.

False

Biometrics is an example of a logical authentication system.

False

Bluejacking is the unauthorized access of information from a wireless device through a Bluetooth connection.

False

Botnets do not affect mobile devices.

False

By default, Wireshark is non-promiscuous.

False

Certificates are digitally signed electronic documents that bind a private key with a user identity.

False

DES is a commonly-used block cipher.

False

Encryption is a type of cipher.

False

If you move a folder to a different location on the same volume, that folder will lose its permissions.

False

In an 802.1X connection, the authenticator is software running on a workstation.

False

In quantitative risk assessment: SLE X ALE = ARO

False

Lattice-based access control is an example of role-based access control.

False

Least privilege is a concept that denies all traffic to a resource unless the user is specifically granted access to that resource.

False

Microsoft's Disk Defragmenter can be used to revert to a previous restore point.

False

Most PKIs use a web of trust model.

False

Multifactor authentication is when a user can log in once and gain access to multiple systems.

False

NAT filtering accepts or rejects packets based on rules.

False

OVAL is a type of penetration testing.

False

One example of PaaS is a Gmail email account.

False

One of the reasons to have job rotation implemented is to increase employee boredom.

False

One of the strategies an organization might employ when managing a particular risk is to accept none of the risk.

False

One way of protecting Microsoft Outlook is to use a password for opening or modifying documents.

False

One way to defend against a double-tagging attack is to put unplugged ports on the switch into an unused VLAN.

False

One way to protect a WAN is to place all the computers behind a router.

False

One way to secure the administration interface of a WAP is to turn it off when not in use.

False

Opening mail relays can decrease the amount of spam that an organization receives on its e-mail server.

False

Passive security analysis is when actual hands-on tests are run on a system.

False

Port 443 is used by Ms-sql-s.

False

Port 53 is used by the DoS protocol.

False

Privilege escalation is used in computer programs to bypass normal authentication.

False

Public keys are known only to specific users who keep the key secret.

False

Which of the following occurs when an IDS identifies legitimate activity as something malicious?

False positive

If a server has inbound port 21 open, what service is it running?

File Transfer Protocol

Which of the following should be your primary line of defense in network security?

Firewall

James has detected a network intrusion in his company. What should he check first?

Firewall logs

Which of the following backup schemes could be described as using a daily, weekly, and monthly set of tapes?

Grandfather-father-son

Your boss wants you to secure your web server's transactions. Which protocol and port number should you use to accomplish this?

HTTPS - port 443

"Maximum and minimum password age" is part of which of the following?

Password Policy

Which of the following is not a good strategy for securing a WAP?

Place it in a faraday cage

Which type of virus can change every time it is executed in an attempt to avoid antivirus detection?

Polymorphic

Which of the following is not a category of disaster?

Pretexting

Which of the following is the act of exploiting a bug or design flaw in an operating system or application to gain access to resources that normally would be protected from an application or user?

Privilege escalation

Which tool can be instrumental in capturing FTP GET requests?

Protocol analyzer

Which of the following uses the equation SLE X ARO = ALE?

Quantitative risk assessment

Which of the following can be described as striping with parity?

RAID 5

Which of the following access control policies is based on sets of permissions involved in an operation?

RBAC

Which of the following is a stream cipher?

RC4

Which of the following best describes an audit trail?

Records or logs that show the tracked actions of users

You find a rogue access point on your network. What should you do with it? (Select the best answer.)

Remove it

Which of the following is not a denial-of-service attack?

Replay attack

Which of the following refers to a cloud computing service where a large service provider integrates its security services into a customer's existing infrastructure?

SECaaS

Which of the following employs a 160-bit hash?

SHA-1

What is baselining?

The process of measuring changes in networking, hardware, and software

Which of the following is the strongest password?

This1sV#ryS3cure

Which of the following would fall into the category of something the user is?

Thumbprint

What is the main reason to frequently view the logs of a DNS server?

To monitor unauthorized zone transfers

A DMZ is a special area of the network accessed by clients on the Internet.

True

A RAT is an example of a Trojan horse.

True

A blackout is when a total loss of power occurs for a prolonged period.

True

A cryptanalysis attack is a type of password cracking method.

True

A false positive is when a system authenticates a user who should not be allowed to access that system.

True

A firewall can use NAT and packet filters.

True

A key is an essential piece of information that determines the output of a cipher.

True

A master computer controls a botnet.

True

A proxy server acts as a go-between for the clients on the network and the Internet.

True

A service pack is a group of updates, bug fixes, updated drivers, and security fixes.

True

A single point of failure is an element, object, or part of a system that, if it fails, can cause the entire system to fail.

True

A stateless packet filter is vulnerable to IP spoofing attacks.

True

Access control lists enable or deny traffic and can be configured to help secure a router.

True

Active Directory Users and Computers can be used to add organizational units to a domain.

True

An IP proxy can be the victim of denial-of-service attacks.

True

An NMS is the software run on one or more servers that control the monitoring of network-attached devices and computers.

True

An older type of door access system might use a proximity sensor.

True

Authentication is when a person's identity is confirmed through the use of a specific system.

True

Back Orifice is an example of a backdoor.

True

Baselining is the process of measuring changes in networking.

True

Battery-inverter generators use lead-acid batteries.

True

Black-box testing uses testers with no advanced knowledge of the system.

True

By checking CVEs, you can keep informed of the latest attacks to web servers.

True

Which of the following has the strongest level of encryption?

WPA2

Which of the following is the best option to use to prevent spyware?

Windows Defender

Which of the following is a protocol analyzer?

Wireshark

Which of the following is an example of a personal software firewall?

ZoneAlarm

A UPS combines the functionality of a surge suppressor and a battery backup.

true

What should you configure to improve wireless security?

use MAC filtering

A person searches for wireless networks from his car. This is an example of which of the following?

wardriving

The act of splitting the wires of a twisted-pair cable connection would be an example of which of the following?

wiretapping