Security+ Certification

A United States Department of Defense (DoD) smart card providing the capability for multi-factor authentication of its personnel is known as:

CAC (Common Access Card)

AES-based encryption mode implemented in WPA2 is known as:

CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol)

A United States federal government initiative aimed at enabling agencies to continue their essential functions across a broad spectrum of emergencies is known as:

COOP (Continuity of Operations)

Which of the answers listed below refers to a solution allowing administrators to block Internet access for users until they perform required action?

Captive portal

In forensic procedures, a chronological record outlining persons in possession of evidence is referred to as:

Chain of Custody

Which of the examples listed below falls into the category of operational security controls?

Change Management

Which of the answers listed below refer(s) to the Advanced Encryption Standard (AES): (Select all that apply)

- 128-, 192-, and 256-bit keys
- Symmetric-key algorithm
- Block cipher algorithm

Which of the following are symmetric-key algorithms? (Select 3 answers)

- AES (Advanced Encryption Standard)
- DES (Data Encryption Standard)
- 3DES (3x Data Encryption Standard)

Which of the following answers refer to the Rule-Based Access Control (RBAC) model? (Select 2 answers)

- Access to resources granted or denied depending on Access Control List (ACL) entries
- Implemented in network devices such as firewalls in order to control inbound and outbound traffic based on filtering rules

Restoring data from an incremental backup requires: (Select 2 answers)

- All copies of incremental backups made since the last full backup

What are the features of Elliptic Curve Cryptography (ECC)?

- Asymmetric Encryption
- Suitable for small wireless devices

Penetration testing: (Select all that apply)

- Bypasses Security Controls
- Actively Tests Security Controls
- Exploits Vulnerabilities

Which of the following security control types fall(s) into the category of detection controls? (Select all that apply)

- CCTV (Closed Circuit Television)
- Motion Sensors
- IDS (Intrusion Detection System)

Which of the solutions listed below allow(s) to check whether a digital certificate has been revoked? (Select all that apply)

- CRL (Certificate Revocation List)
- OCSP (Online Certificate Status Protocol)

Which of the following answers list(s) the characteristic features of pharming? (Select all that apply)

- DNS Poisoning
- Domain Spoofing

The process of OS hardening involves: (Select all that apply)

- Disabling Unnecessary Services
- Password Protection
- Disabling Unnecessary Accounts

Which of the following security controls provide(s) confidentiality? (Select all that apply)

- Encryption
- Steganography

Which of the security control types listed below fall(s) into the category of preventative controls? (Select all that apply)

- Fencing
- Hardware Locks
- Mantraps

Which of the following security controls provide(s) integrity? (Select all that apply)

- Hashing
- Digital Signatures
- Non-Repudiation

Which of the following answers apply to smurf attack? (Select 3 answers)

- IP Spoofing
- DDoS
- Large amount of ICMP (Internet Control Message Protocol) echo replies

Address Resolution Protocol (ARP) translates: (Select all that apply)

- IP addresses into MAC addresses
- Network layer addresses into link layer addresses

Which of the following authentication protocols offer(s) countermeasures against replay attacks? (Select all that apply)

- IPsec
- Kerberos
- CHAP (Challenge Handshake Authentication Protocol)

Which of the following programming aspects are critical in secure application development process? (Select 2 answers)

- Input Validation
- Error and Exception Handling

Examples of key stretching algorithms include: (Select 2 answers)

- PBKDF2 (Password-Based Key Derivation Function 2)
- Bcrypt

The two factors that are considered important for creating strong passwords are:

- Password length
- Password Complexity

A fraudulent email requesting its recipient to reveal sensitive information (e.g. user name and password) used later by an attacker for the purpose of identity theft is an example of: (Select 2 answers)

- Phishing
- Social Engineering

Which of the answers listed below apply to xmas attack? (Select 2 answers)

- Port Scan
- Denial-of-service attack

Which of the following answers refer to the applications / features of quantum cryptography? (Select 2 answers)

- Protection against eavesdropping
- Secure key exchange

Hardware-based RAID Level 1: (Select 3 answers)

- Requires at least 2 drives to implement
- Offers improved reliability by creating identical data sets on each drive (failure of one drive does not destroy the array as each drive contains an identical copy of the data)
- Also referred to as disk mirroring

Hardware-based RAID Level 5: (Select 2 answers)

- Requires at least 3 drives to implement
- Offers increased performance and fault tolerance (single drive failure does not destroy the array and lost data can be re-created from the remaining drives)

What type of encryption protocols are used by Secure LDAP (LDAPS)? (Select all that apply)

- TLS (Transport Layer Security)
- SSL (Secure Sockets Layer)

Which of the following answers list the characteristic features of the Mandatory Access Control (MAC) model? (Select 3 answers)

- Users are not allowed to change access policies at their own discretion
- Labels and clearance levels can only be applied and changed by an administrator
- Every resource has a sensitivity label matching a clearance level assigned to a user

Which of the following wireless security features are not recommended and should not be used due to their known vulnerabilities? (Select 2 answers)

- WPS (Wi-Fi Protected Setup)
- WEP (Wired Equivalent Privacy)

Which of the following fall(s) into the category of social engineering attacks? (Select all that apply)

- Whaling
- Shoulder surfing
- Dumpster Diving
- Tailgating
- Vishing

Single Loss Expectancy (SLE) = Asset Value (AV) x Exposure Factor (EF). The Exposure Factor (EF) used in the formula above refers to the impact of the risk over the asset, or percentage of asset lost when a specific threat is realized. Which of the following answers lists the EF value for an asset that is entirely lost?

1.0 = Entirely Lost

Which part of the 192.168.1.5/24 address identifies its network ID?

192.168.1

Which of the following answers lists a /27 subnet mask?

255.255.255.224

Which of the following answers lists the IPv6 loopback address?

::1

Which of the answers listed below refers to a set of rules that specify which users or system processes are granted access to objects as well as what operations are allowed on a given object?

ACL (Access Control List)

Which of the following acronyms refers to a risk assessment formula defining probable financial loss due to a risk over a one-year period?

ALE (Annualized Loss Expectancy)

Which of the answers listed below refers to the correct formula for calculating probable financial loss due to a risk over a one-year period?

ALE = ARO x SLE

An estimate based on the historical data of how often a threat would be successful in exploiting a vulnerability is known as:

ARO (Annualized Rate of Occurrence)

In quantitative risk assessment, this term is used for estimating the likelihood of occurrence of a future threat.

ARO (Annualized Rate of Occurrence)

Which of the following exploits takes advantage of the spoofed MAC address?

ARP Poisoning (Address Resolution Protocol)

Which of the following acronyms refers to a set of rules enforced in a network that restrict the use to which the network may be put?

AUP (Acceptable Use Policy)

Which of the account policies listed below provides a countermeasure against malicious users attempting to determine an account password by trial and error?

Account Lockout

A type of virus that takes advantage of various mechanisms specifically designed to make tracing, disassembling and reverse engineering its code more difficult is known as:

Armored virus

Which part of the AAA framework deals with verification of the identity of a person or process?

Authentication

Which part of the AAA framework deals with granting or denying access to resources?

Authorization

Which part of the AAA framework incorporates the time-of-day restrictions requirement?

Authorization

Which of the following answers refers to a key document governing the relationship between two business organisations?

BPA (Business Partners Agreement)

Which of the acronyms listed below refers to a policy of permitting employees to bring personally owned mobile devices and to use those devices to access privileged company information and applications?

BYOD (Bring Your Own Device)

Which of the following answers refers to an undocumented way of gaining access to a program, online service or an entire computer system?

Backdoor

Which of the following answers list(s) example(s) of physical security control types? (Select all that apply)

Biometrics, Motion Detection, and Video Surveillance

The practice of sending unsolicited messages over Bluetooth is known as:

Bluejacking

The practice of gaining unauthorized access to a Bluetooth device is referred to as:

Bluesnarfing

A group of computers running malicious software under control of a hacker is referred to as:

Botnet

Which of the following password attacks requires the most computing power?

Brute force attack

A temporary area of memory allocated with a fixed size for holding data while it's waiting to be transferred to another location is known as:

Buffer

A type of exploit that relies on overwriting the contents of memory in order to cause unpredictable results in an application is called:

Buffer Overflow

A sticky note with a password kept in sight in a user's cubicle would be a violation of which of the following policies?

Clean Desk Policy

What type of action allows an attacker to exploit the XSS vulnerability?

Code Injection

Which of the following functionalities allows a DLP system to fulfil its role?

Content Inspection

An access control method based on the identity of subjects and/or groups to which they belong is called:

DAC (Discretionary Access Control)

Which of the following attacks uses multiple compromised computer systems against its target? (Select best answer)

DDoS (Distributed Denial of Service)

Which of the following acronyms refers to software or hardware based security solutions designed to detect and prevent unauthorized use and transmission of confidential information outside of the corporate network?

DLP (Data Loss Prevention)

A lightly protected subnet placed on the outside of the company's firewall consisting of publicly available servers is known as:

DMZ (Demilitarized Zone)

A system used to convert a computer's host name into an IP address on the Internet is known as:

DNS (Domain Name Service)

Which of the following password attacks takes advantage of a predefined list of words?

Dictionary attack

Which of the following answers refers to a solution for secure exchange of cryptographic keys? (Select best answer)

Diffie-Hellman

An HTTP exploit which allows attackers to access restricted directories and execute commands outside of the web server's root directory is known as:

Directory Traversal Attack

What is the goal of tabletop exercises? (Select all that apply)

Disaster Recovery Planning and Discussing a Simulated Emergency Situation

Hardware-based RAID Level 0: (Select 2 answers)

Doesn't offer fault tolerance, Requires at least two drives to implement

The DNS service is used for translating:

Domain names into IP addresses

Which of the following terms refers to a backup technique that allows for creating an exact copy of an entire drive and replicating the drive to a new computer or to another drive on the same computer in case of hard drive failure? (Select best answer)

Drive imaging

Which of the answers listed below refers to a common target of cross-site scripting?

Dynamic Web Pages

Which of the answers listed below refers to an authentication framework frequently used in wireless networks and point-to-point connections?

EAP (Extensible Authentication Protocol)

Which of the protocols listed below uses elliptic curve cryptography for secure exchange of cryptographic keys?

ECDHE (Elliptic Curve Diffie-Hellman key Exchange)

Which of the following answers refers to a privacy-related security risk connected with public sharing of pictures taken with smartphones?

Embedded Geotag

Which of the terms listed below refers to a rogue access point?

Evil Twin

Allowing a connection through a firewall is known as creating:

Exception

A cold site is the most expensive type of backup site for an organization to operate.

False

A type of Intrusion Detection System (IDS) that relies on the previously established baseline of normal network activity in order to detect intrusions is known as a signature-based IDS.

False

Block ciphers work by encrypting each plaintext digit one at a time.

False

High MTBF value indicates that a component or system provides low reliability and is more likely to fail.

False

In a differential backup strategy, restoring data from backup requires only a working copy of the last full backup.

False

Key exchange mechanism whereby the cryptographic key is being delivered over a different channel than the main communication channel (for example on a USB thumb drive) is an example of an in-band key exchange.

False

The large amount of processing power required to both encrypt and decrypt the content of the message means that symmetric-key encryption algorithms are much slower than algorithms used in asymmetric encryption.

False

Log analysis should not take into account the difference between the reading of a system clock and standard time as this impedes the reconstruction of the sequence of events during an attack or security breach.

False

One of the advantages of the Remote Authentication Dial-In User Service (RADIUS) is that it provides encryption for the entire authentication process.

False

Recovery time objective (RTO) specifies a point in time to which systems and data must be recovered after a disaster has occurred.

False

The biggest advantage of public cloud is that all services provided through this type of cloud computing service model are offered free of charge.

False

The two basic techniques for encrypting information include symmetric encryption (also called public-key encryption) and asymmetric encryption (also called secret-key encryption.)

False

Which of the following terms refers to a situation where no alarm is raised when an attack has taken place?

False Negative

Antivirus software identifying a non-malicious file as a virus due to a faulty virus signature file is an example of:

False positive error

The FTP protocol is designed for:

File exchange

Software or hardware that checks information coming from the Internet and, depending on the applied configuration settings, either blocks it or allows it to pass through is called:

Firewall

Which of the following security solutions provides a countermeasure against denial-of-service attack characterized by increasing number of half-open connections?

Flood Guard

The practice of finding vulnerabilities in an application by feeding it incorrect input is known as:

Fuzzing

Which of the following passwords is the most complex?

G$L3tU8wY@z

What is tailgating?

Gaining unauthorized access to restricted areas by following another person.

Software that cannot be clearly classified as malware is referred to as:

Grayware

Which of the terms listed below refers to a security solution implemented on an individual computer host monitoring that specific system for malicious activities or policy violations?

HIDS (Host-based Intrusion Detection System)

A piece of hardware and associated software / firmware that usually attaches to the inside of a PC or server and provides at least the minimum of cryptographic functions is called:

HSM (Hardware Security Module)

A system combining heating, ventilating, and air conditioning controls is known as:

HVAC (Heating Ventilation Air Conditioning)

What kind of general term is used to describe the process of securing a computer system?

Hardening

SHA, MD5, and RIPEMD are examples of:

Hash Functions

Which of the following answers refers to the contents of a rainbow table entry?

Hash/Password

What is the purpose of steganography?

Hiding data within another piece of data

Steganography allows for:

Hiding data within another piece of data.

A computer system used to divert the attacker's attention from corporate network is known as:

Honeypot

A monitored host containing no valuable data specifically designed to detect unauthorized access attempts is known as:

Honeypot

Which of the following backup site types allows for fastest disaster recovery?

Hot site

Which of the protocols listed below is used by the PING utility?

ICMP (Internet Control Message Protocol)

Which of the following acronyms refers to a network or host based monitoring system designed to automatically alert administrators of known or suspected unauthorized activity?

IDS (Intrusion Detection System)

Which of the following examples falls into the category of technical security controls?

IDS (Intrusion Detection System)

DNS database AAAA record identifies:

IPv6 Address

Which of the answers listed below refers to an agreement established between the organizations that own and operate connected IT systems to document the technical requirements of the interconnection?

ISA (Interconnection Security Agreement)

Which of the answers listed below refers to an attack aimed at exploiting the vulnerability of WEP?

IV Attack (Initialization Vector)

In which of the cloud computing infrastructure types do clients, instead of buying all the hardware and software, purchase computing resources as an outsourced service from suppliers who own and maintain all the necessary equipment?

IaaS (Infrastructure as a Service)

Which of the following policies applies to any requests that fall outside the criteria defined in an ACL?

Implicit Deny Policy

What is the function of archive bit?

Indicating whether a file has been modified since the last backup

Which of the following answers refers to a countermeasure against code injection?

Input Validation

Which of the answers listed below exemplifies an implementation of risk transference methodology?

Insurance Policy

In forensic analysis, taking hashes ensures that the collected evidence retains:

Integrity

Taking hashes ensures that data retains its:

Integrity

Assigning a unique key, called a ticket, to each user that logs on to the network is a characteristic feature of:

Kerberos (Network Authentication Protocol)

What is the name of a storage solution used to retain copies of private encryption keys?

Key Escrow

One of the answers below lists some of the past and current authentication protocols used in Microsoft networks arranged from oldest / obsolete up to the current recommendation. Which of the answers lists the protocols in the correct order?

LANMAN › NTLM › NTLMv2 › Kerberos
- LANMAN (Local Area Network Manager)
- NTLM (New Technology LAN Manager)
- NTLMv2 (New Technology LAN Manager version 2)
- Kerberos

Which of the following acronyms refers to flash cookies?

LSO (Local Shared Objects)

Which of the following answers refers to a dedicated device for managing secure connections established over an untrusted network, such as the Internet?

Layer 3 Switch

A concept of effective security posture employing multiple tools and different techniques to slow down an attacker is known as: (Select 2 answers)

Layered Security and Defense in Depth

Which of the following examples falls into the category of deterrent security control types?

Lighting

A network device designed for managing the optimal distribution of workloads across multiple computing resources is called:

Load Balancer

Which of the following actions can be taken by passive IDS? (Select 2 answers)

Logging and Sending an Alert

Malicious code activated by a specific event is known as:

Logic Bomb

Which of the access control models listed below enforces the strictest set of access rules?

MAC

An access control model in which every resource has a sensitivity label matching a clearance level assigned to a user is known as:

MAC (Mandatory Access Control)

Which of the answers listed below refers to the most common access control model used in Trusted OS implementations?

MAC (Mandatory Access Control)

A network access control method whereby the 48-bit address assigned to each network card is used to determine access to the network is known as:

MAC Filter

Which of the following is an example of active eavesdropping?

MITM (Man in the Middle)

A document established between two or more parties to define their respective responsibilities in accomplishing a particular goal or mission is known as:

MOU (Memorandum of Understanding)

Which of the following terms is used to describe the average time required to repair a failed component or device?

MTTR (Mean Time to Repair)

Disabling SSID broadcast:

Makes a WLAN harder to discover.

Which of the following answers refers to a general term used to describe software designed specifically to damage or disrupt the operation of a computer system?

Malware

Which of the following security controls is used to prevent tailgating?

Mantraps

What is war chalking?

Marking unsecured wireless networks

Which of the following answers lists an example order of volatility for a typical computer system?

Memory Dump, Temporary Files, Disk files, Archival Media

Which security measure is in place when a client is denied access to the network due to outdated antivirus software?

NAC (Network Address Control)

Which of the following solutions is used to hide the internal IP addresses by modifying IP address information in IP packet headers while in transit across a traffic routing device?

NAT (Network Address Translation)

Which of the following network security solutions inspects network traffic in real-time and has the capability to stop the ongoing attack?

NIPS (Network-Based Intrusion Prevention System)

Which of the following provides the fastest way for validating a digital certificate?

OCSP (Online Certificate Status Protocol)

Which of the answers listed below refers to a security measure providing protection against various password-based attacks, specifically password sniffing and replay attacks?

OTP (One-Time Password)

Which of the following antenna types would provide the best coverage for workstations connecting to a WAP placed in a central point of a typical office? (Select all that apply)

OmniDirectional and Non-Directional

In forensic procedures, a sequence of steps in which different types of evidence should be collected is known as:

Order of Volatility

EMI shielding protects the transferred data from: (Select all that apply)

Outside Interference and Eavesdropping

Which of the following protocols transmits passwords over the network in an unencrypted form and is therefore considered unsecure?

PAP (Password Authentication Protocol)

What type of system can be compromised through phreaking?

PBX (Private Branch Exchange)

Which of the following acronyms refers to a solution allowing companies to cut costs related to the managing of internal calls?

PBX (Private Branch Exchange)

Which of the protocols listed below encapsulates EAP within an encrypted and authenticated TLS tunnel?

PEAP (Protected Extensible Authentication Protocol)

A computer program (and related protocols) that uses cryptography to provide data security for electronic mail and other applications on the Internet is known as:

PGP (Pretty Good Privacy)

GNU Privacy Guard (GPG) provides similar functionality and an alternative to:

PGP (Pretty Good Privacy)

Which of the following acronyms refers to any type of information pertaining to an individual that can be used to uniquely identify that person?

PII (Personally Identifiable Information)

Which of the answers listed below refers to a Wi-Fi Protected Setup (WPS) exploit?

PIN recovery (Personal Identification Number)

Which of the following cloud service types would provide the best solution for a web developer intending to create a web app?

PaaS (Platform as a Service)

A software tool used for monitoring and examining contents of the network traffic is known as:

Packet Sniffer

An account policy setting that forces users to come up with a new password every time they are required to change their old password is called:

Password History

Which of the following examples meets the requirement of multi-factor authentication?

Password and Biometric Scan

Which of the following answers refers to a DNS poisoning attack?

Pharming

The process by which malicious software changes its underlying code to avoid detection is called:

Polymorphism

Which of the following ports enable(s) retrieving email messages from a remote server? (Select all that apply)

Port Number: 110 and 143

Which of the port numbers listed below are used by NetBIOS? (Select all that apply)

Port Number: 137, 138, and 139

IMAP runs on TCP port:

Port Number: 143

FTP runs by default on ports: (Select 2 answers)

Port Number: 20 and 21

Which of the following TCP ports is used by SMTP?

Port Number: 25

Which of the answers listed below refers to the default port number for a Microsoft-proprietary remote connection protocol?

Port Number: 3389

Lightweight Directory Access Protocol (LDAP) runs on port:

Port Number: 389

Which of the following TCP ports is used by HTTPS?

Port Number: 443

TACACS+ runs on TCP port:

Port Number: 49

DNS runs on port:

Port Number: 53

The non-standard, enhanced version of the LDAP protocol providing the capability for encrypted transmission runs on port:

Port Number: 636

HTTP traffic can be enabled by opening port:

Port Number: 80

Which of the following port numbers is used by Kerberos?

Port Number: 88

Which of the following protocols operate(s) at layer 3 (the network layer) of the OSI model? (Select all that apply)

Port Number: IPsec, IPv6, IPv4, and

802.1x is an IEEE standard defining:

Port-Based Network Access Control

A security stance whereby a host is being granted / denied permissions based on its actions after it has been provided with the access to the network is known as:

Post-Admission NAC (Network Access Control)

Which of the following WAP configuration settings allows for adjusting the boundary range of the wireless signal?

Power level controls

What is the purpose of non-repudiation?

Preventing someone from denying that they have taken a specific action

What is the purpose of non-repudiation?

Preventing someone from denying that they have taken specific action

A security rule that prevents users from accessing information and resources that lie beyond the scope of their responsibilities is known as:

Principle of least Privilege

Which of the following countermeasures prevents shoulder surfing?

Privacy Filters

A policy outlining ways of collecting and managing personal data is known as:

Privacy Policy

What is the function of Windows Defender software?

Protection against spyware and other potentially unwanted software

A computer network service that allows clients to make indirect network connections to other network services is called:

Proxy

Assessment of risk probability and its impact based on subjective judgment falls into the category of:

Qualitative Risk Assessment

A calculation of the Single Loss Expectancy (SLE) is an example of:

Quantitative Risk Assessment

Which of the following solutions does not offer fault tolerance?

RAID 0

Which of the following solutions add(s) redundancy in areas identified as single points of failure? (Select all that apply)

RAID, Hot Site, UPS, and Backup Generator

Which of the following acronyms refers to a maximum tolerable period of time required for restoring business functions after a failure or disaster?

RTO (Recovery Time Objective)

Malware that restricts access to a computer system by encrypting files or locking the entire system down until the user performs requested action is known as:

Ransomware

Copies of lost private encryption keys can be retrieved from a key database by:

Recovery Agent

Which of the following terms relates closely to the concept of residual risk?

Risk Acceptance

Disabling certain system functions or shutting down the system when risks are identified is an example of:

Risk Avoidance

What type of risk management strategy is in place when accessing the network involves a login banner warning designed to inform potential attacker of the likelihood of getting caught?

Risk Deterrence

Contracting out a specialized technical component when the company's employees lack the necessary skills is an example of:

Risk Transference

A collection of software tools used by a hacker in order to mask intrusion and obtain administrator-level access to a computer or computer network is known as:

Rootkit

A device designed to forward data packets between networks is called:

Router

An access control model in which access to resources is granted or denied depending on Access Control List (ACL) entries is also known as:

Rule-Based Access Control

An access control model in which access to resources is granted or denied depending on Access Control List (ACL) entries is called:

Rule-Based Access Control

Which of the following solutions provides a single sign-on capability for Web services?

SAML (Security Assertion Markup Language)

Which of the answers listed below refers to a control system providing the capability for real-time monitoring and gathering information related to industrial equipment?

SCADA (Supervisory Control and Data Acquisition)

Which of the protocols listed below run(s) on port number 22? (Select all that apply)

SCP (Secure Copy) and SFTP (SSH File Transport Protocol)

A network protocol for secure file transfer over Secure Shell (SSH) is called:

SFTP (SSH File Transfer Protocol)

An agreement between a service provider and the user(s) defining the nature, availability, quality, and scope of the service to be provided is known as:

SLA (Service Level Agreement)

Which of the following terms is used to describe the loss of value to an asset based on a single security incident?

SLE (Single Loss Expectancy)

Which of the following answers list the protocol and port number used by a spam filter? (Select 2 answers)

SMTP (Simple Mail Transfer Protocol), Port Number: 25, 2525, or 587

Which of the protocols listed below is used in network management systems for monitoring network-attached devices?

SNMP (Simple Network Management Protocol)

A group that consists of SNMP devices and one or more SNMP managers is known as:

SNMP Community

Which of the following protocols transmit(s) data in an unencrypted form? (Select all that apply)

SNMPv1 (Simple Network Management Protocol), FTP (File Transfer Protocol), and Telnet

Which of the following answers refers to a cryptographic network protocol for secure data communication, remote command-line login, remote command execution, and other secure network services between two networked computers?

SSH (Secure Shell)

Which of the following protocols was designed as a secure replacement for Telnet?

SSH (Secure Shell)

A wireless network name is also referred to as:

SSID (Service Set Identifier)

Which of the following protocols are used for securing HTTP connections? (Select 2 answers)

- SSL (Secure Sockets Layer) - TLS (Transport Layer Security)

An authentication subsystem that enables a user to access multiple, connected system components (such as separate hosts on a network) after a single login at only one of the components is known as:

SSO (Single Sign-On)

Which of the protocols listed below protects against switching loops?

STP (Spanning Tree Protocol)

A cloud computing infrastructure type where applications are hosted over a network (typically the Internet), eliminating the need to install and run the software on the customer's own computers, is called:

SaaS (Software as a Service)

In computer security, a mechanism for safe execution of untested code or untrusted applications is referred to as:

Sandbox

The term "war driving" refers to:

Scanning for unsecured wireless networks while driving in a car.

Which of the following answers refers to a user interface element on mobile devices controlling access to a device after the device is switched on?

Screen lock

The SCP protocol is used for:

Secure File Transfer

Which of the answers listed below refers to a concept of having more than one person required to complete a given task?

Separation of duties

Which of the terms listed below refers to one of the hardware-related disadvantages of the virtualization technology?

Single point of failure

A file-based representation of the state of a virtual machine at a given time is called:

Snapshot

What is adware?

Software that displays advertisements

A password combined with a PIN used as an authentication requirement is an example of:

Something that the user knows

Phishing scams targeting a specific group of users are referred to as:

Spear Phishing

An email sent from an unknown source disguised as a source known to the message receiver is an example of:

Spoofing

Malicious software collecting information about users without their knowledge / consent is called:

Spyware

An exact copy of the entire state of a computer system is called:

System image

Which of the following answers refers to a Cisco-proprietary alternative to RADIUS?

TACACS+ (Terminal Access Controller Access Control System Plus)

Which of the answers listed below refers to a suite of protocols used for connecting hosts on the Internet?

TCP/IP

Which of the protocols listed below does not provide authentication?

TFTP

Which of the following protocols was introduced to strengthen existing WEP implementations without requiring the replacement of legacy hardware?

TKIP (Temporal Key Integrity Protocol)

An algorithm used for computing a one-time password from a shared secret key and the current time is known as:

TOTP (Time-Based One-Time Password)

Which of the following terms refers to a microchip embedded on the motherboard of a personal computer or laptop that can store keys, passwords and digital certificates?

TPM (Trusted Platform Module)

Which of the following security control types can be used in implementing a risk mitigation strategy? (Select all that apply)

Technical, Management, and Operational

Port number 23 is used by:

Telnet

A path or tool allowing an attacker to gain unauthorized access to a system or network is known as:

Threat Vector

In the OSI model, TCP resides at the:

Transport Layer

An IPsec mode providing encryption only for the payload (the data part of the packet) is known as:

Transport Mode

Which of the following answers refers to malicious software performing unwanted and harmful actions under the guise of a legitimate and useful program?

Trojan Horse

A cryptographic key generated to be used only once within a short time frame is known as a session key.

True

A digital signature is a hash of a message that uniquely identifies the sender of the message and provides a proof that the message hasn't changed in transit.

True

A policy enforcing the use of a paper shredder for all discarded documents is one of the countermeasures against dumpster diving.

True

A replay attack occurs when an attacker intercepts user credentials and tries to use this information later for gaining unauthorized access to resources on a network.

True

A type of Intrusion Detection System (IDS) that relies on known attack patterns to detect an intrusion is known as a signature-based IDS.

True

The authentication process can be based on different categories of authentication factors, including unique physical traits of each individual such as fingerprints ("something you are"), physical tokens such as smart cards ("something you have"), or user names and passwords ("something you know"). Additional factors might include geolocation ("somewhere you are"), or user-specific activity patterns such as keyboard typing style ("something you do").

True

FTPS is an extension to the FTP that adds support for the Transport Layer Security (TLS) and the Secure Sockets Layer (SSL) cryptographic protocols.

True

In asymmetric encryption, any message encrypted with the use of the public key can only be decrypted by applying the same algorithm and the matching private key.

True

In asymmetric encryption, data encrypted with the use of a private key can only be decrypted with the use of a matching public key.

True

In computer security, biometrics refers to physical characteristics of the human body that can be used for identification and access control purposes.

True

In cryptography, the term "key stretching" refers to a mechanism for extending the length of the cryptographic key in order to make it more secure against brute force attacks.

True

Multi-factor authentication systems require implementation of authentication factors from two or more different categories.

True

One of the basic requirements of the Mandatory Access Control (MAC) model is that, in order to access a resource, a user's clearance level must be equal to or higher than the sensitivity level assigned to the resource.

True

One of the goals behind the mandatory vacations policy is to mitigate the occurrence of fraudulent activity within the company.

True

One of the measures for securing networking devices includes the practice of disabling unused ports.

True

Rainbow tables are lookup tables used to speed up the process of password guessing.

True

Setting up hot and cold aisles in a server room allows for more efficient management of air flow.

True

The last default rule on a firewall is to deny all traffic.

True

The term "typo squatting" refers to the practice of registering a misspelled domain name closely resembling another well-established and popular domain name in hopes of getting Internet traffic from users who make errors while typing the web address in their browsers.

True

Unlike stream ciphers, which process data by encrypting individual bits, block ciphers divide data into separate fragments and encrypt each fragment separately.

True

Unsolicited messages received over an instant messaging system are known as spim.

True

VLAN membership can be set through: (Select all that apply)

Trunk Port, Physical Address, and MAC Address

Which IPsec mode provides encryption for the entire packet?

Tunnel

Which of the IPsec modes provides entire packet encryption?

Tunnel

Which of the following ensures the privacy of a VPN connection?

Tunneling

URL hijacking is also referred to as:

Typo Squatting

Which of the following acronyms refers to a network security solution combining the functionality of a firewall with additional safeguards such as URL filtering, content inspection, or malware inspection?

UTM

Which of the following terms refers to a logical grouping of computers that allows computer hosts to act as if they were attached to the same broadcast domain, regardless of their physical location?

VLAN (Virtual Local Area Network)

Which of the following terms refers to a technology that allows multiple operating systems to work simultaneously on the same hardware?

Virtualization

A computer program containing a malicious segment that attaches itself to an application program or other executable component is called:

Virus

The practice of using a telephone system to manipulate a user into disclosing confidential information is called:

Vishing

A solution that allows phone calls to be made over a broadband Internet connection instead of typical analog telephone lines is known as:

VoIP (Voice over IP)

Which of the following answers lists an example method for passive testing of security controls?

Vulnerability scan

Zero-day attack exploits:

Vulnerability that is present in already released software but unknown to the software developer

Which of the following acronyms refers to a firewall controlling access to a web server?

WAF (Web Application Firewall)

Which of the wireless security protocols listed below has been deprecated in favor of newer standards due to known vulnerabilities?

WEP (Wired Equivalent Privacy)

Which of the following wireless encryption schemes offers the highest level of protection?

WPA2 (Wi-Fi Protected Access-2)

Which of the following solutions simplifies configuration of new wireless networks by providing non-technical users with a capability to easily configure network security settings and add new devices to an existing network?

WPS

Which of the answers listed below refers to a wireless site survey?

War Driving

An optimal WAP antenna placement provides a countermeasure against: (Select 2 answers)

War Driving and Site Survey

URL filtering restricts access to Internet sites based on which of the following criteria?

Web Address

Phishing scams targeting people holding high positions in an organization or business are known as:

Whaling

A penetration test performed with full prior knowledge of how the system to be tested works is called:

White Box

The term "Trusted OS" refers to an operating system:

With enhanced security features

A type of attack aimed at exploiting a vulnerability that is present in already released software but unknown to the software developer is called:

Zero-day attack

A networking standard for linking data storage devices over an IP network is known as:

iSCSI (Internet Small Computer System Interface)

Which of the protocols listed below facilitate(s) communication between SAN devices? (Select all that apply)

- iSCSI (Internet Small Computer System Interface) - FCoE (Fibre Channel over Ethernet)

