Advanced Security Ch.1-5 Quizzes

Ace your homework & exams now with Quizwiz!

GPO (Group Policy Object)

A common group of settings applied to a set of computers or users using Windows Group Policy is called what? -GPM -GRE -GPO -GPT

buffer overflow

A packet containing a long string of what are called no-operation (NOP) instructions followed by a command is usually indicative of what attack? -privilege escalation -insecure direct object references -click-jacking -buffer overflow

geotagging

Adding geographical identification metadata to various media is called what? -Locational tagging -geotagging -geoID -geojacking

the digital certificate

In a PKI, which entity contains the public key of each member and makes the key portable? the digital certificate the CA the RA the CRL

Tier 3

In storage tiering, at which tier are tape backups stored? -Tier 1 -Tier 2 -Tier 4 -Tier 3

clickjacking

In what type of attack does the hacker craft a transparent page or frame over a legitimate looking page that entices the user to click something? XSS insecure direct object references clickjacking CSRF

Signature-based

Pattern matching is a characteristic of which type of IDS? -Rule-based -Anomaly-based -Heuristic-based -Signature-based

tiering

Placing the older data on low cost, low performance storage while keeping the more active data on faster storage systems is sometimes called what? data deduplication tiering archiving virtual storage

802.1x

RADIUS servers play a role in which authentication standard? -802.2 -802.1x -802.3 -802.11

Telnet

SSH is a secure alternative to which of the following protocols? -SMTP -SSL -Telnet -FTP

IP spoofing

To which of the following attacks are ACLs most susceptible? -teardrop -smurf -IP spoofing -SYN flood

to prevent malicious scripts from executing

What are techniques like URLEncode and HTMLEncode used for? -to prevent malicious scripts from executing -to perform input validation -to prevent smurf attacks -to prevent phishing attacks

to generate error messages in web applications

What is OWASPs WebScarab tool used for? -to locate dangerous code -to illicit contact information about the website -to identify SQL injection attacks -to generate error messages in web applications

El Gamal

What is the slowest asymmetric algorithm? Diffie-Hellman RSA El Gamal ECC

data purging

What method is used to make the old data unavailable even with forensics? -data sandboxing -data clearing -data deletion -data purging

989 and 990

What port or ports on the firewall must be open to allow FTPS? -22 -443 -989 and 990 -20 and 21

authenticator

What role does a WAP play in an 802.1x authentication system? -authenticator -supplicant -none -authentication server

TPM (Trusted Platform Module)

What type of chip is required to be present to make the best implementation of full disk encryption? -DMA -TPM -NVRAM -EEPROM

whitelisting

When a list of allowed applications is defined it is a version of what? -whitelisting -greylisting -blacklisting -privilege de-escalation

CSRF (Cross Site Request Forgery)

When a website thinks that a request came from the user's browser and is made by the user himself when actually the request was planted in the user's browser by a hacker, what type of attack has occurred? -CSRF -XSS -insecure direct object references -memory leaks

memory leak

When an application fails to return allocated memory to the operating system it is called what? -integer overflow -teardrop -memory leak -memory invalidation

secure by default

When an application is secure without having to change any default settings it is said to be what? -secure by default -secure by reference -secure by design -secure by deployment

DLP (Data Loss Prevention)

When data cannot be emailed to anyone other than sales group members , which of the following systems has been deployed? -HIPS -DLP -NIDS -SSL

Teredo

Which IPv6 transition mechanism is used when IPv6 hosts are located behind IPv4 network address translation (NATs) ? -Dual Stack -6-to-4 -Teredo -GRE tunnels

6-to-4

Which IPv6 transition mechanism treats the wide area IPv4 network as a unicast point-to-point link layer? -GRE tunnels -6-to-4 -Dual Stack -Teredo

Failure audit for logon/logoff

Which Windows audit policy is used to prevent a random password hack? -Success and failure audit for file-access printers and object-access events -Success audit for logon/logoff -Success audit for user rights, user and group management, security change policies, restart, shutdown, and system events -Failure audit for logon/logoff

EAP-TLS

Which authentication method is not susceptible to dictionary and brute force attacks? -CHAP -MS-CHAPv1 -MS-CHAPv2 -EAP-TLS

PAP

Which authentication method sends the password in cleartext? -MS-CHAP -CHAP -PAP -EAP

access checks

Which mitigation technique helps to prevent insecure direct object references? -access checks -input validation -fuzzing -filtering input parameters

Local policies

Which of the following Windows policy categories would contain polices that could be used to audit the use of rights or privileges on the local machine? -Account policies -File System -Restricted Groups -Local policies

ISO/IEC 27034

Which of the following are standards created to provide guidance to organizations in integrating security into the development and maintenance of software applications? -IEEE 802.11i -ISO/IEC 27034 -IEEE 802.1x -ISO 9000

hot fixes

Which of the following are updates that solve a security issue and should be applied immediately? -rollups -service packs -updates -hot fixes

bluejacking

Which of the following attacks sends an unsolicited message to a Bluetooth-enabled device often for the purpose of adding their business card to the victims contact list? -bluejacking -bluesnarfing -bluebombing -bluesmurf

owned and managed by a group of organizations that create the cloud for a common purpose

Which of the following describes a community cloud? -owned and managed by a group of organizations that create the cloud for a common purpose -a solution provided by a third party -uses the facilities of the provider but the customer manages the data -a solution owned and managed by one company solely for that company's use

personal company-owned

Which of the following device types does a Mobile Device Management (MDM) solution attempt to secure? (Choose all that apply.) -government -personal -company-owned -proprietary

FCoE

Which of the following encapsulates Fiber Channel traffic within Ethernet frames? -FCP -NFS -FCoE -iSCSI

RSA

Which of the following encryption algorithms support digital signatures and encryption? RSA 3DES Blowfish IDEA

LUN masking

Which of the following hides or makes unavailable storage devices or groups of storage devices from all but devices with approved access? -SAN -RAID -LUN masking -NAS

password

Which of the following is NOT a Type III authentication factor? -retina scan -fingerprint -password -iris scan

Expensive

Which of the following is NOT a disadvantage of Network Attached Storage (NAS) when compared with SAN? -Competes with regular data on the network -Expensive -Higher latency and lower reliability than SAN -Taking frequent snapshots works better in SAN

Default passwords for default accounts should be left unchanged

Which of the following is NOT a part of host hardening? -Default passwords for default accounts should be left unchanged -Unnecessary applications should be removed -Default accounts should be renamed, if possible -Unnecessary accounts should be disabled

Inability to retain inactive data for regulatory or organizational requirements

Which of the following is NOT a potential security issue with archiving systems? -Over reliance on a single form of media -Weak access controls on the archive servers leading to stolen data -Inability to retain inactive data for regulatory or organizational requirements -Inadequate logging by the archiving software

2001::85a3:8a2e::7334

Which of the following is NOT a proper IPv6 address representation? 2001:0db8:85a3:: 8a2e:0370:7334 2001:0000:0000:85a3:8a2e:0000:0000:7334 2001:0db8:85a3:0:0:8a2e:0370:7334 2001::85a3:8a2e::7334

Difficulty in providing physical security

Which of the following is NOT a security issue with Storage Area Networks (SANs)? -No security against spoofing attacks -Ability to alter device driver code in a SAN client -Security of the data may only as secure as the OS of the client -Difficulty in providing physical security

Lack of fault tolerance

Which of the following is NOT a security issue with public cloud storage? -Data at risk traveling across the public Internet -Lack of fault tolerance -Inability to apply and manage access controls and security policies in the provider cloud -Potential theft of physical machines holding the data

Implement data deduplication.

Which of the following is NOT a security measure that should be taken when using data warehousing applications? -Reconcile data moved between the operations environment and data warehouse. -Control metadata from being used interactively. -Implement data deduplication. -Monitor the data purging plan.

RSA

Which of the following is NOT a symmetric algorithm? DES Skipjack Blowfish RSA all of the options none of the options

It is widely understood.

Which of the following is NOT an advantage of IPv6? -It has a larger address space. -IPsec is built into the standard, not an add-on. -It provides better performance due to a simpler header. -It is widely understood.

RDP requires little knowledge to implement and support.

Which of the following is NOT an advantage of RDP? -RDP requires little knowledge to implement and support. -Data is kept in the data center so disaster recovery is easier. -Users can work from anywhere when using RDP in a virtual desktop infrastructure. -A potential reduction in cost of business software occurs.

Light resource usage for encryption and decryption

Which of the following is NOT an advantage of SSL? -Easy for user to identify its use (https ://) -Light resource usage for encryption and decryption -Supported on all browsers -Data encryption

Performance

Which of the following is NOT an advantage of iSCSI deployments? -Eliminates distance limitations imposed by SCSI transfers -Inexpensive in simple deployments -Performance -Simplicity

elimination of security issues

Which of the following is NOT an advantage of virtualization? -elimination of security issues -dynamic resource allocation -reduction in power usage -high availability

It is compatible with TLS.

Which of the following is NOT true of SSL? -The two options are 40-bit and 128-bit. -It is a transport-layer protocol. -SSL v2 must be used for client-side authentication. -It is compatible with TLS.

clipping level

Which of the following is a baseline number of user errors above which violations will be recorded? -ceiling -trigger -clipping level -gate

UTM

Which of the following is a concept that attempts to perform multiple security functions within the same device or appliance? -VPN -UTP -UTM -DMVP

CIFS

Which of the following is a is a public version of Server Message Block (SMB) ? -FCoE -NFS -CIFS -iSCSI

Private Cloud

Which of the following is a solution owned and managed by one company solely for that company's use? -Hybrid Cloud -Community Cloud -Public Cloud -Private Cloud

iSCSI

Which of the following is a standard method of encapsulating SCSI commands within IP packets? iSCSI FCoE FCP NFS

RC4

Which of the following is a stream cipher? RC4 Blowfish Twofish RC5 RC6

knowledge factor

Which of the following is also known as a Type 1 authentication factor? -knowledge factor -behavioral factor -characteristic factor -ownership factor

race condition

Which of the following is an attack where the hacker inserts himself between instructions, introduces changes, and alters the order of execution of the instructions, thereby altering the outcome? -memory leak -race condition -bluesnarfing -integer overflow

iptables

Which of the following is an example of a host based firewall in Linux-based systems? -iptables -ACLs -DLP -APIPA

Heuristic-based IDS

Which of the following is an expert system that uses a knowledge-based inference engine, and rule-based programming? -Signature-based IDS -Rule-based IDS -Heuristic-based IDS -Anomaly-based IDS

APIPA

Which of the following is another name for the 169.254.0.1-169.254.255.254 private address range? -VLSM -APIPA -NDLP -CIDR

memory cards

Which of the following is easy to counterfeit? -memory cards -token cards -proximity cards -smart cards

Set the X-FRAME-OPTION value to deny.

Which of the following is one way to prevent a clickjacking attack? -Implement fuzzing. -Set the X-FRAME-OPTION value to deny. -Use strong authentication. -Use input validation.

TPM

Which of the following is responsible for managing keys issued to a single computer? CRL CA RA TPM

SSH

Which of the following is the MOST secure to use to connect to a remote server? Telnet rlogin rexec SSH

scrubbing

Which of the following is the act of deleting incriminating data within an audit log? -wiping -scrubbing -clearing -cleansing

data warehousing

Which of the following is the process of combining data from multiple databases or data sources in a central location for analysis? -data mining -cloud storage -data warehousing -data deduplication

privilege escalation

Which of the following is the process of exploiting a bug or weakness in an operating system to allow a user to receive privileges to which they are not entitled? -CSRF -clickjacking -privilege escalation -insecure direct object references

slows performance

Which of the following is true of a NIPS system? -cannot take action to prevent attacks -eliminates false positives -slows performance -inexpensive

Microsoft's BitLocker to Go

Which of the following is used to encrypt information on a portable device, such as USB thumb drive? -Microsoft's BitLocker to Go -Secure Star's DriveCrypt -PGP's Whole Disk Encryption -MobileArmor's Data Armor

TCSEC (Trusted Computer System Evaluation Criteria)

Which of the following is used to identify a trusted operating system? -TPM chip -TOS -TCSEC -posture assessment

XSS (Cross Site Scripting)

Which of the following occurs when an attacker locates a web site vulnerability, thereby allowing the attacker to inject malicious code into the Web application? -CSRF -XSS -insecure direct object references -memory leaks

input validation

Which of the following prevents XSS attacks? -strong authentication -fuzzing -input validation -access checks

options b and e only

Which of the following protocols provides encryption to protect the data as it is transmitted over the network? A. HTTP B. SHTTP C. FTP D. TFTP E. SFTP options a and b only options c, d, and e only options a and c only options b and e only all of the options

HTTPS

Which of the following protocols uses port 443? -SSH -HTTPS -SFTP -SHTTP

TOS (Trusted Operating System)

Which of the following refers to an operating system that provides sufficient support for multilevel security and evidence of correctness to meet a particular set of government requirements? -NIPS -TOS -EAL -TCSEC

Bourne shell

Which of the following shells is the most basic shell available on all UNIX systems? -C shell -Korn shell -Bourne shell -tsch

C. End-to-end encryption provides protection against packets sniffers.

Which of the following statements regarding encryption are FALSE? A. Link encryption encrypts all data being transmitted over a particular medium. B. End-to-end encryption allows attackers to learn more about a captured packet. C. End-to-end encryption provides protection against packets sniffers. D. Link encryption occurs at the physical and data-link layers. options a, b, and c only options a, b, and d only all of the options

Skipjack

Which of the following symmetric algorithms performs the most rounds of transformation? IDEA Skipjack Twofish AES 256

sandboxing

Which of the following techniques limits the parts of the operating system and user files the application is allowed to interact with? -sandboxing -data views -zoning -masking

SET

Which of the following was specifically created to protect credit card transactions? SSL TLS SET SSH

fuzzing

Which process injects invalid or unexpected input (sometimes called faults) into an application to test how the application reacts? -fuzzing -buzzing -stress testing -input validation

HTTPS

Which protocol protects the communication channel between two computers? HTTPS SHTTP HTTP FTP

IPsec

Which protocol should you implement to protect data that is transmitted over a VPN? SET IPsec SHTTP SFTP

When using a digital signature, the message is used as an input to a hash function, and the sender's public key encrypts the hash value.

Which statement about cryptography is FALSE? -Asynchronous encryption occurs when encryption or decryption requests are processed from a queue. -Symmetric encryption is an encryption method whereby a single private key both encrypts and decrypts the data. -When using a digital signature, the message is used as an input to a hash function, and the sender's public key encrypts the hash value. -Key clustering occurs when different encryption keys generate the same ciphertext from the same plaintext message.

Diffusion is the process of changing the location of the plaintext within the ciphertext.

Which statement about cryptography is TRUE? -Transposition is the process of changing a key value during each round of encryption. -Diffusion is the process of changing the location of the plaintext within the ciphertext. -Substitution is the process of shuffling or reordering the plaintext to hide the original message. -Confusion is the process of exchanging one byte in a message for another.

Packets are decrypted at each device.

Which statement is TRUE regarding link encryption? -Packets are decrypted at each device. -The user can select exactly what is encrypted. -It only affects the performance of the sending and receiving devices. -Packet headers are not encrypted.

input length

Which type of input validation is used to prevent buffer overflow attacks? -clipping levels -traffic policing -input length -whitelisting

SHA-256

You need to ensure that a message that you are transmitting to another user is not altered. You decide to use a hashing algorithm. Which of the following should you implement? SHA-256 3DES AES El Gamal

all of the options

Your organization decides to use digital signatures to sign messages. In addition, the messages will be encrypted. Which security tenets are covered by this implementation? A. confidentiality B. authentication C. nonrepudiation D. integrity options a and b only options c and d only options b, c, and d only all of the options

digital certificate

Your organization has recently signed a contract with another organization. As part of this contract, you must establish a public key infrastructure (PKI) for added security during inter-organizational communication. Which mechanism in the PKI is issued to users and includes a public key? certification authority (CA) registration authority (RA) steganography digital certificate

options a, c, and d only

Your organization must be able to send confidential messages to another organization over the Internet. You must ensure that the encryption scheme that you use can never be broken. You decide to use one-time pads when sending these confidential messages. Which of the following statements are TRUE regarding this encryption scheme? A. Each pad can be used only one time. B. Each pad must be shorter than the message it is securing. C. The pads must be securely distributed and protected in storage. D. The pads must be made up of random values. options a, b, and c only options a, b, and d only options a, c, and d only


Related study sets

Mary Ann Hogan RN Questions and rationals

View Set

Chapter 8 Business Communication

View Set

ATI Skills Module 3.0- Diabetes Mellitus Management

View Set

Social Psychology review for final test

View Set

Professional Knowledge: Elementary

View Set

US Soccer Grassroots Recertification

View Set

Benda dan perubahanya2318191_IAIN PEKALONGAN

View Set

Intro to Ethics - Normative Ethical Theories

View Set