IS 323 Final Stone
A surge is a short transient in the voltage that can be due to a short circuit or power outage.
False
A system can easily be completely secure.
False
Active interception is the act of exploiting a bug or design flaw in software.
False
ActiveX controls can run on any browser platform.
False
Alt+F8 is the key combination that closes pop-up windows.
False
An IP proxy serves client requests by caching HTTP information.
False
An SNMP agent is software run on a server to monitor the network.
False
An example of a Windows firewall is iptables.
False
Qualitative risk assessment measures risk by using exact monetary values.
False
RAID 1 is known as striping with parity.
False
RFI is a disturbance that can affect electrical circuits, devices, and cables due to electromagnetic conduction or radiation.
False
Redundant power supplies can help in the case of a brownout.
False
SDLC is an acronym for Security Development Life Cycle.
False
SNMP uses port 143.
False
Six characters or more constitutes a strong password.
False
Steganography uses a certificate authority to manage keys.
False
Syslog uses port 161.
False
The convert command converts an NTFS drive to FAT32.
False
The net stop command disables services in Windows.
False
The network 10.0.0.0 is a Class B private IP network.
False
To accept fewer cookies, you would add them to the Restricted Sites zone.
False
To open the Local Group Policy Editor console window, a user should type MMC at the Run prompt.
False
To turn off services, you would access the Programs and Features section of the Control Panel.
False
Viruses self-replicate whereas worms do not.
False
WPA2 has a typical key size of 128 bits.
False
A summary of a file or message best describes which of the following?
Hash
Which of the following is a near duplicate of the original site of the organization?
Hot Site
Which of the following will back up only the contents of a folder that have changed since the last full backup or the last incremental backup?
Incremental backup
Which of the following devices should you use to keep machines behind it anonymous? (Select the best answer.)
IP Proxy
Which of the following is used to secure L2TP sessions?
IPsec
When conducting a risk assessment, which of the following should you do after identifying threats and threat likelihood? (Select the two best answers.)
Identify a potential monetary impact. Identify the impact assessment.
Of the following, which can be a security benefit when using virtualization?
If a virtual machine is compromised, the adverse effects can be compartmentalized.
Which of the following is an example of spyware?
Internet Optimizer
Which of the following can run on any platform?
Java applets
Which of the following uses a two-way authentication system known as mutual authentication?
Kerberos
Which of the following is best described as when certificate keys are held in the case that third parties such as government or other organizations need access to encrypted communications?
Key Escrow
Lattice-based access control is an example of what type of access control policy?
MAC
Which of the following is an access control policy determined by a computer system and not by a user or owner?
MAC
Which of the following is the most secure form of authentication?
MS-CHAP v2
Which of the following is when two or more types of authentication are used when dealing with access control?
Multifactor authentication
Which type of firewall filter can match incoming traffic to the corresponding outbound IP address connection by way of IP address and port?
NAT filtering
Snort and Bro are examples of which of the following?
NIDS
Which of the following can detect malicious packets and discard them?
NIPS
Which of the following is the best file system to use in Windows?
NTFS
Which of the following is based off of the MD5 hash?
NTLMv2
Which of the following is the newest and strongest Windows hash?
NTLMv2
Which of the following is a vulnerability assessment tool?
Nessus
In which of the following Windows locations would you turn off file sharing?
Network and Sharing Center
Which of the following is an inline device that checks all packets?
Network intrusion detection system
Tom sends out many e-mails containing secure information to other companies. What concept should be implemented to prove that Tom did indeed send the e-mails?
Nonrepudiation
In a discretionary access control model, who is in charge of setting permissions to a resource?
Owner of the resource
Which of the following can be defined as the loss of value in dollars based on a single incident?
SLE
Which of the following cloud computing services would be in use if an organization were using Gmail?
SaaS
You are setting up auditing on a Windows computer. If set up properly, which log should have entries?
Security Log
Which of the following is not an example of a default hidden share?
Security$
Which of the following can best be described as the exploitation of a computer session in an attempt to gain unauthorized access to data?
Session Hijacking
Which of the following is the most basic form of IDS?
Signature-based
Which type of certificate is most commonly used by communications sessions?
Single-sided Certificate
Which of the following scenarios would not use a PKI?
Symmetric key algorithms
Which command lists the hotfixes installed to Windows?
Systeminfo
Which of the following remote authentication methods was developed by Cisco?
TACACS+
Which of the following is the phase of the SDLC where a system is checked thoroughly for bugs?
Testing
What do hackers use malicious port scanning to accomplish?
The "fingerprint" of the operating system
Circuit-level gateways work at the session layer of the OSI model.
True
Cisco created a proprietary version of EAP called LEAP.
True
Crosstalk is when a signal transmitted on one copper wire creates an unwanted effect on another wire; the signal "bleeds" over, so to speak.
True
Cryptography is the practice and study of hiding the meaning of a message.
True
DAC is an access control policy generally determined by the owner.
True
Data emanation occurs most commonly on coaxial cable.
True
Default accounts often have weak passwords.
True
Encryption, authentication, and anti-malware are all ways to protect against malicious threats.
True
Failure-resistant disk systems protect against data loss due to disk failure. An example of this would be RAID 1 mirroring.
True
Fiber-optic cable is not susceptible to data emanations.
True
Flashing is a term that describes the updating of the BIOS.
True
Full control is a type of NTFS permission that might be enabled within an access control list.
True
Full device encryption is one way of protecting a mobile device's data if the device is stolen.
True
Hardening is the act of configuring an OS securely, updating it, and removing unnecessary applications.
True
Honeynets are one or more computers or servers used to counteract attempts at unauthorized access to a network.
True
Identity proofing is an initial validation of an identity.
True
If a child folder is inheriting its permissions from a parent folder, it could be said that the parent is propagating those permissions to the child.
True
If a key pair is generated at a local computer, it is considered to be decentralized.
True
In information security, the three core principles are known as confidentiality, integrity, and availability.
True
In the case of theft, the two best ways to protect against the loss of confidential or sensitive information are encryption and a remote wipe program.
True
In the five steps of vulnerability management, prioritizing vulnerabilities should happen before mitigation of vulnerabilities.
True
Individuals who hack into systems at an organization's request, but are not employed by the organization are known as blue hats.
True
Input validation is a process that ensures the correct usage of data.
True
Locally shared objects (LSOs), also called Flash cookies, collect information about users' browsing habits.
True
Malware is software designed to infiltrate a computer system without the user's consent.
True
Most certificates are based on the X.509 standard.
True
NAT filtering matches incoming traffic to corresponding outbound IP connections by matching the IP address and port.
True
NAT is sometimes also known as IP masquerading.
True
NMAP is a type of vulnerability scanner.
True
Network access control (NAC) sets rules by which network connections are governed.
True
PKIs manage, store, and revoke digital certificates.
True
Personal firewalls are applications that protect an individual computer from unwanted Internet traffic.
True
Port 88 is used by Kerberos.
True
Public key cryptography uses asymmetric keys alone or in addition to symmetric keys.
True
RADIUS uses port 1812.
True
RAID 0+1 combines the advantages of RAID 0 and RAID 1.
True
RCE is when an attacker takes control of a server from a remote location using shell code.
True
Ransomware holds a user's files for ransom by encrypting them.
True
Risk management can be defined as the identification, assessment, and prioritization of risks.
True
Security monitoring can be augmented by using a SIEM solution.
True
Separation of duties is when more than one person is required to complete a task.
True
Social engineering includes viruses, worms, and Trojan horses.
True
Storage DLP systems are typically installed in data centers or server rooms as software that inspects data at rest.
True
Subnetting increases security by compartmentalizing a network.
True
Symmetric key algorithms are a type of cipher that uses a single key, identical keys, or closely related keys.
True
Symmetric key algorithms require a secure initial exchange of one or more secret keys.
True
The concept of least functionality is when an organization configures computers and other information systems to provide only the essential functions.
True
The second step in a patch management strategy is testing.
True
The systeminfo command displays the version number, build number, and the patch level of the operating system.
True
The ultimate goal of risk management is to reduce all risk to a level acceptable to the organization.
True
To change permissions on a file in Linux, you would use the chmod command.
True
To make changes to Microsoft Edge or Internet Explorer policies that correspond to an OU, you need a domain controller.
True
UAC keeps every user in standard mode instead of in administrator mode by default.
True
WEP is deprecated; it should be replaced with a more secure protocol such as WPA2.
True
What device should be used to ensure that a server does not shut down when there is a power outage?
UPS
Which of the following keeps every user in a standard user mode instead of as an administrator, even if the user is a member of the administrators group?
User Account Control
Which of the following can help to prevent spam? (Select the two best answers.)
Use a spam filter. Close open mail relays.
Which of the following is not an example of good FTP server security?
Use port 20.
Which of the following is NOT a common safeguard for Microsoft Excel?
Using a digital certificate
Of the following, what are two good ways to protect the computer? (Select the two best answers.)
Verify that the guest account is disabled. Rename and password protect the administrator account.
What is the best option to use to isolate an operating system?
Virtualization software
Which type of hacker has no affiliation with an organization, yet will hack systems without malicious intent?
grey hat
Where would a NIDS sit on a network? (Select the best answer.)
inline
Which of the following would protect against an attacker entering malicious code into a web form?
input validation
For information security, what is the I in CIA?
integrity
Which of the following should be used to filter out activities such as instant messaging?
internet content filter
Which of the following commands can be used to turn off a service?
net stop
Which of the following commands enables you to synchronize a client's time to a domain controller?
net time
Which of the following types of encryption can encrypt plaintext with a secret random key that is the same length as the plaintext?
one-time pad
Which of the following would not be considered part of a disaster recovery plan?
patch management software
Which command disables a service in the command line?
sc config
Of the following, what are three ways to increase the security of Microsoft Outlook? (Select the three best answers.)
-Password protect .PST files. -Increase the junk e-mail security level. -Install the latest Office update or service pack.
Which of the following are asymmetric encryption algorithms? (Select the two best answers.)
-RSA -Diffie-Hellman
What are two ways of discouraging bluesnarfing? (Select the two best answers.)
-Select a pairing key that is not easy to guess. -Set the device to undiscoverable.
Which of the following are examples of penetration testing methods? (Select the two best answers.)
-The Open Source Security Testing Methodology Manual -NIST penetration testing
In a signature-based monitoring environment, network traffic is analyzed for predetermined attack patterns.
True
Which of the following cable types can be susceptible to crosstalk? (Select the two best answers.)
-Twisted-pair -Coaxial
Which of the following are ways to help defend against distributed denial-of-service attacks? (Select the three best answers.)
-Update firewalls. -Use intrusion prevention systems. -Use a "clean pipe."
Which of the following should be included in a password to make it complex? (Select the three best answers.)
-Uppercase letters -Numbers -Special characters
Which of the following can help to secure the BIOS of a computer? (Select the two best answers.)
-Use a case lock. -Use a BIOS supervisor password.
Which of the following should you implement to keep a well-maintained computer? (Select the three best answers.)
-Use a surge protector. -Update the BIOS and/or UEFI. -Update the firewall.
Which of the following ways can help secure a modem? (Select the two best answers.)
-Use the callback feature. -Use strong passwords.
Which of the following questions should you take into account when securing log files? (Select the two best answers.)
-Were the log files encrypted and hashed? -Are the logs stored in multiple locations?
Which of the following are examples of protocol analyzers? (Select the two best answers.)
-Wireshark
Which of the following should be done to maintain and harden a hard disk? (Select the two best answers.)
-Defragment the drive -Consider a whole disk encryption
Which of the following should you include as general browser security practices? (Select the two best answers.)
-Use a proxy server -Train your users
Which of the following port numbers is used by the Character Generator (CHARGEN)?
19
Which port does Remote Desktop Protocol use?
3389
Within the birthday paradox, what is the probability that two people have the same birth date within a group of 23 people?
50 Percent
To use the Lightweight Directory Access Protocol (LDAP) in a secure fashion, what port should be used?
636
A client computer uses the IP address 10.254.254.189. It has made a connection to a web server by opening the outbound port 1589. The server uses the IP address 65.19.28.154. You want to filter out any HTTP packets coming from the server. Which IP address and port should you specify to be filtered on the firewall?
65.19.28.154:80
What is the most common port used when connecting an Internet Explorer browser to a proxy server for use with HTTP connections?
80
Timothy complains about a lot of pop-up windows when he uses Internet Explorer. Which key combination should you tell him to use to close the pop-up windows?
Alt+F4
Which of the following is described as "when a person's identity is confirmed or verified through the use of a specific system"?
Authentication
Which of the following does the "A" in "CIA" stand for when relating to IT security? (Select the best answer.)
Availability
You are contracted to conduct a forensic analysis of a computer. What should you do first?
Back up the system
Which of the following is placed in an application by programmers either knowingly or inadvertently to bypass normal authentication?
Backdoor
Which of the following methods of malware delivery is used in computer programs to bypass normal authentication?
Backdoor
Which of the following is an example of whole disk encryption?
BitLocker
Which of the following refers to the unauthorized access of information from a wireless device through a Bluetooth connection?
Bluesnarfing
How can Internet Explorer be centrally managed for several computers?
By way of a Group Policy
Your boss wants you to make changes to 20 computers' Internet Explorer programs. To do this quickly, what is the best solution?
Create and use a template.
What key combination helps to secure the logon process?
Ctrl+Alt+Del
A honeypot is a device that caches information for hackers.
False
A portable gas engine generator is the best solution for a company that wants a permanently installed generator.
False
Which of the following are examples of virtualization? (Select the three best answers.)
-Hyper-V -VirtualBox -VMware Workstation
Which of the following are commonly used in VPN tunneling protocols? (Select the two best answers.)
-PPTP -L2TP
Which of the following is a common encryption standard used today and can work with a 256-bit block size?
AES
Which of the following is the number of times per year that a specific incident occurs?
ARO
A smart card is an example of something a user knows.
False
You are installing a video monitoring system for your organization. You do not want any outside people to view the video. What is the best solution?
CCTV
What is a certificate added to when it is considered to be no longer valid?
CRL
Which of the following will have tables, chairs, restrooms, and possibly some basic phone, data, and electric lines?
Cold site
Which of the following might include syntax errors in the code and type-checking errors?
Compile-time error
Which of the following is the greatest risk for removable storage?
Confidentiality of data
A stream cipher is a type of algorithm that encrypts a group of bits collectively as individual units known as blocks.
False
Which of the following is used to house FTP servers, mail servers, and web servers so that people on the Internet can access them but cannot access any other of the organization's servers?
DMZ
Which of the following should be modified because it is weak by default?
Default Account
When conducting an audit, what should be done after risk has been scanned for, analyzed, and calculated?
Develop a plan to mitigate risk.
Which of the following is when a prearranged list of likely words is attempted one at a time?
Dictionary Attack
A person complains that he cannot see any events in the Event Viewer. Which of the following questions should you not ask the person?
Did you reboot your computer?
Which of the following backs up only the contents of a folder that have changed since the last full backup?
Differential backup
Which of the following encryption algorithms is based on the structure of an elliptic curve?
ECC
Which of the following is not an example of good cloud security?
Eight-character passwords
Which of the following is not part of the three-step auditing process?
Evaluating the system log
Which of the following is NOT a typical symptom of a virus?
Excessive pop-up windows appear.
Which of the following is also known as "high-availability clusters"?
Failover Clusters
A MAC flood is when a person accesses a single port of a switch that was not physically secured.
False
A NIDS can inspect traffic and possibly remove, detain, or redirect malicious traffic.
False
A broadcast storm is when the TCP/IP handshake has been compromised.
False
An intranet enables multiple companies to access a secure area of a company's network.
False
Anomaly-based monitoring uses predetermined attack patterns.
False
Authorization is when a person is in a state of being identified.
False
Behavior-based monitoring establishes a performance baseline based on a set of normal network traffic evaluations.
False
Biometrics is an example of a logical authentication system.
False
Bluejacking is the unauthorized access of information from a wireless device through a Bluetooth connection.
False
Botnets do not affect mobile devices.
False
By default, Wireshark is non-promiscuous.
False
Certificates are digitally signed electronic documents that bind a private key with a user identity.
False
DES is a commonly-used block cipher.
False
Encryption is a type of cipher.
False
If you move a folder to a different location on the same volume, that folder will lose its permissions.
False
In an 802.1X connection, the authenticator is software running on a workstation.
False
In quantitative risk assessment: SLE X ALE = ARO
False
Lattice-based access control is an example of role-based access control.
False
Least privilege is a concept that denies all traffic to a resource unless the user is specifically granted access to that resource.
False
Microsoft's Disk Defragmenter can be used to revert to a previous restore point.
False
Most PKIs use a web of trust model.
False
Multifactor authentication is when a user can log in once and gain access to multiple systems.
False
NAT filtering accepts or rejects packets based on rules.
False
OVAL is a type of penetration testing.
False
One example of PaaS is a Gmail email account.
False
One of the reasons to have job rotation implemented is to increase employee boredom.
False
One of the strategies an organization might employ when managing a particular risk is to accept none of the risk.
False
One way of protecting Microsoft Outlook is to use a password for opening or modifying documents.
False
One way to defend against a double-tagging attack is to put unplugged ports on the switch into an unused VLAN.
False
One way to protect a WAN is to place all the computers behind a router.
False
One way to secure the administration interface of a WAP is to turn it off when not in use.
False
Opening mail relays can decrease the amount of spam that an organization receives on its e-mail server.
False
Passive security analysis is when actual hands-on tests are run on a system.
False
Port 443 is used by Ms-sql-s.
False
Port 53 is used by the DoS protocol.
False
Privilege escalation is used in computer programs to bypass normal authentication.
False
Public keys are known only to specific users who keep the key secret.
False
Which of the following occurs when an IDS identifies legitimate activity as something malicious?
False positive
If a server has inbound port 21 open, what service is it running?
File Transfer Protocol
Which of the following should be your primary line of defense in network security?
Firewall
James has detected a network intrusion in his company. What should he check first?
Firewall logs
Which of the following backup schemes could be described as using a daily, weekly, and monthly set of tapes?
Grandfather-father-son
Your boss wants you to secure your web server's transactions. Which protocol and port number should you use to accomplish this?
HTTPS - port 443
"Maximum and minimum password age" is part of which of the following?
Password Policy
Which of the following is not a good strategy for securing a WAP?
Place it in a faraday cage
Which type of virus can change every time it is executed in an attempt to avoid antivirus detection?
Polymorphic
Which of the following is not a category of disaster?
Pretexting
Which of the following is the act of exploiting a bug or design flaw in an operating system or application to gain access to resources that normally would be protected from an application or user?
Privilege escalation
Which tool can be instrumental in capturing FTP GET requests?
Protocol analyzer
Which of the following uses the equation SLE X ARO = ALE?
Quantitative risk assessment
Which of the following can be described as striping with parity?
RAID 5
Which of the following access control policies is based on sets of permissions involved in an operation?
RBAC
Which of the following is a stream cipher?
RC4
Which of the following best describes an audit trail?
Records or logs that show the tracked actions of users
You find a rogue access point on your network. What should you do with it? (Select the best answer.)
Remove it
Which of the following is not a denial-of-service attack?
Replay attack
Which of the following refers to a cloud computing service where a large service provider integrates its security services into a customer's existing infrastructure?
SECaaS
Which of the following employs a 160-bit hash?
SHA-1
What is baselining?
The process of measuring changes in networking, hardware, and software
Which of the following is the strongest password?
This1sV#ryS3cure
Which of the following would fall into the category of something the user is?
Thumbprint
What is the main reason to frequently view the logs of a DNS server?
To monitor unauthorized zone transfers
A DMZ is a special area of the network accessed by clients on the Internet.
True
A RAT is an example of a Trojan horse.
True
A blackout is when a total loss of power occurs for a prolonged period.
True
A cryptanalysis attack is a type of password cracking method.
True
A false positive is when a system authenticates a user who should not be allowed to access that system.
True
A firewall can use NAT and packet filters.
True
A key is an essential piece of information that determines the output of a cipher.
True
A master computer controls a botnet.
True
A proxy server acts as a go-between for the clients on the network and the Internet.
True
A service pack is a group of updates, bug fixes, updated drivers, and security fixes.
True
A single point of failure is an element, object, or part of a system that, if it fails, can cause the entire system to fail.
True
A stateless packet filter is vulnerable to IP spoofing attacks.
True
Access control lists enable or deny traffic and can be configured to help secure a router.
True
Active Directory Users and Computers can be used to add organizational units to a domain.
True
An IP proxy can be the victim of denial-of-service attacks.
True
An NMS is the software run on one or more servers that control the monitoring of network-attached devices and computers.
True
An older type of door access system might use a proximity sensor.
True
Authentication is when a person's identity is confirmed through the use of a specific system.
True
Back Orifice is an example of a backdoor.
True
Baselining is the process of measuring changes in networking.
True
Battery-inverter generators use lead-acid batteries.
True
Black-box testing uses testers with no advanced knowledge of the system.
True
By checking CVEs, you can keep informed of the latest attacks to web servers.
True
Which of the following has the strongest level of encryption?
WPA2
Which of the following is the best option to use to prevent spyware?
Windows Defender
Which of the following is a protocol analyzer?
Wireshark
Which of the following is an example of a personal software firewall?
ZoneAlarm
A UPS combines the functionality of a surge suppressor and a battery backup.
True
What should you configure to improve wireless security?
use MAC filtering
A person searches for wireless networks from his car. This is an example of which of the following?
wardriving
The act of splitting the wires of a twisted-pair cable connection would be an example of which of the following?
wiretapping