Security Final Exam Question Study Guide

Lakukan tugas rumah & ujian kamu dengan baik sekarang menggunakan Quizwiz!

You have been asked to implement a RAID 5 solution for your network. What is the minimum number of hard disks that can be used to configure RAID 5?

3

What are requirements deploy Kerberos on a network?

A centralized database of users and passwords Time synchronization between devices

What describes a man-in-the-middle attack?

A false server intercepts communications from a client by impersonating the intended server

What is the main difference between a worm and a virus?

A worm can replicate itself, while a virus requires a host for distribution.

Which of the following switch attacks associates the attacker's MAC address with the IP address of the victim's devices.

ARP spoofing/poisoning

You have just purchased a new network device and are getting ready to connect it to your network. Which of the following should you do to increase its security? select two

Apply all patches and updates Change default account password

What is the primary countermeasure to social engineering?

Awareness

A collection of zombie computers have been setup to collect personal information. What type of malware do the zombie computers represent?

Botnet

Which type of attack is the act of exploiting a software program's free acceptance of input in order to execute arbitrary code on a target?

Buffer Overflow

What are two advantages of Virtualization?

Centralized administration Easy migration of systems to different hardware

Which of the following network strategies connects multiple servers together such that if one server fails, the others immediately take over its tasks, preventing a disruption in service?

Clustering

When two different messages produce the same hash value, what has occurred?

Collision

For users on your network, you want to automatically lock their user accounts if four incorrect passwords are used within 10 minutes. What should you do?

Configure account lockout policies in Group Policy

You want to ensure that all users in the Development OU have a common set of network communication security settings applied. What should you do?

Create a GPO computer policy for the computers in the Development OU

What is an example of privilege escalation?

Creeping Privileges

An attacker sets up 100 drone computers that flood a DNS server with invalid requests. This is an example of which kind of attack?

DDoS

What are subject to SQL injection attacks?

Database servers

What is NOT a valid response to a risk discovered during a risk analysis?

Denial

What is the most obvious means of providing non-repudiation in a cryptography system?

Digital signatures

Which of the following measures will make your wireless network invisible to the casual attacker performing war driving?

Disable SSID broadcast

What action should you take to reduce the attack surface of a server?

Disable unused services

Which functions can a port scanner provide?

Discovering unadvertised servers Determining which ports are open on a firewall

When you browse to a website, a pop-up window tells you that your computer has been infected with a virus. You click on the windows to see what the problem is. Later, you find out that the window has installed spyware on your system. What type of attack has occurred?

Drive-by Download

What is the most common means of virus distribution?

Email

By definition, what is the process of reducing security exposure and tightening security controls?

Hardening

Which of the following devices does not examine the MAC address in a frame before processing or forwarding the frame?

Hub

What characteristics of hubs poses a security threat?

Hubs transmit frames to all hosts on all ports

What is a security service that monitors network traffic in real time or reviews the audit logs on servers looking for security violations?

IDS

What is the primary goal of business continuity planning?

Maintaining business operations with reduced or restricted infrastructure capabilities or resources

What is another name for a backdoor that was left in a product manufacturer by accident?

Maintenance hook

When recovery is being performed due to a disaster, which services are to be stabilized first?

Mission critical

When a sender encrypts a message using their own private key, what security service is being provided to the recipient?

Non-repudiation

What is a firewall function?

Packet Filtering

What uses hacking techniques to proactively discover internal vulnerabilities?

Penetration testing

Instant Messaging does not provide what?

Privacy

An attacker has obtained the logon credential for a regular user on your network. Which type of security threat exists if this user account is used to perform administrative functions?

Privilege escalation

What does hashing of log files provide?

Proof that the files have not been altered

Your company security policy states that wireless networks are not to be used because of the potential security risk they present to your network. One day you find that an employee has connected a wireless access point to the network in his office. What type of security risk is this?

Rogue access point

In the certificate authority trust model known as a hierarchy, where does trust start?

Root CA

What security principle prevents any one administrator from having sufficient access to compromise the security of the overall IT solution?

Separation of duties

What type of malware monitors your actions?

Spyware

Which form of cryptanalysis focuses on the weaknesses in the supporting computing platform as a means to exploit and defeat encryption?

Statistical attack

What is the cryptography mechanism which hides secret communications within various forms of data?

Steganography

What development modes is a method used by programmers while writing programs that allow for optimal control over coherence, security, accuracy, and comprehensibility?

Structured programming

What best describes the purpose of using subnets?

Subnets divide an IP address into multiple addresses.

A VPN is used primarily for what purpose?

Support secured communications over an untrusted network

What is the main difference between DoS attack and a DDoS attack?

The DDoS attack uses zombie computers

Define Single Loss Expectancy (SLE)

The total monetary loss associated with a single occurrence of a threat

Why do attackers prefer static environment devices to conduct distributed network attacks?

These devices tend to employ much weaker security than traditional network devices. These devices are typically more difficult to monitor than traditional network devices.

Why are brute force attacks always successful?

They test every possible valid combination

A user named Bob Smith has been assigned a new desktop workstation to complete his daytoday work. The computer runs Windows 7. When provisioning Bob's user account in your organization's domain, you assigned an account name of BSmith with an initial password of bw2Fs3d. On first logon, Bob is prompted to change his password, so he changes it to the name of his dog (Fido). What should you do to increase the security of Bob's account? (Select two.)

Train users not to use passwords that are easy to guess. Use Group Policy to require strong passwords on user accounts.

Which of the following describes how a router can be used to implement security on your network?

Use an access control list to deny traffic from specific IP addresses

You have a company network that is connected to the Internet. You want all users to have Internet access, but need to protect your private network and users. You also need to make a Web server publicly available to Internet users. Which solution should you use?

Use firewalls to create a DMZ. Place the Web server inside the DMZ, and the private network behind the DMZ.

You manage a network that uses a single switch. All ports within your building connect through the single switch. In the lobby of your building are three RJ-45 ports connected to the switch. You want to allow visitors to plug into these ports to gain Internet Access, but they should not have access to any other devices on your private network. Employees connected throughout the rest of your building should have both private and Internet access. Which feature should you implement?

VLANs

You manage the information systems for a large co-location data center. Networked environmental controls are used to manage the temperature within the data center. These controls use embedded smart technology allowing them to be managed using a mobile device app over an Internet connection. You are concerned about the security of these devices. What can you do to increase their security posture?

Verify that your network's existing security infrastrucutre is working properly. Install the latest firmware updates from the device manufacturer

What describes marks that attackers place outside a building to identify an open wireless network?

Warchalking

What is an example of a decentralized privilege management solution?

Workgroup

What is an attack that injects malicious scripts into webpages to redirect users to fake websites or gather personal information?

XSS


Set pelajaran terkait

CompTIA A+ 220-1002 Lesson 17:Installing Configuring and Troubleshooting Print Devices - Activity questions

View Set

Health and Wellness Chapter 1 Review Questions

View Set

ServSafe 6th Edition Chapters 5-9

View Set

2nd qt refrigeration test review

View Set