Chapter 7, Chapter 8

Ace your homework & exams now with Quizwiz!

Which type of RFID tag can send a signal over a long distance?

Active

A private key has been stolen. Which action should you take to deal with this crisis?

Add the digital certificate to the CRL

You've just finished installing a wireless access point for a client. What should you do to prevent unauthorized users from using the access point (AP) configuration utility?

Change the administrative password on the AP.

You are concerned that wireless access points may have been deployed within your organization without authorization. What should you do? (Select two. Each response is a complete solution.)

Check the MAC addresses of devices connected to your wired //Conduct a site survey.

When two different messages produce the same hash value, what has occurred?

Collision

You create a new document and save it to a hard drive on a file server on your company's network. Then you employ an encryption tool to encrypt the file using AES. This activity is an example of accomplishing which security goal?

Confidentiality

You are replacing a wired business network with an 802.11g wireless network. You currently use Active Directory on the company network as your directory service. The new wireless network has multiple wireless access points, and you want to use WPA2 on the network. What should you do to configure the wireless network? (Select two.)

Configure devices to run in infrastructure mode Install a RADIUS server and use 802.1x authentication

You want to connect a laptop computer running Windows to a wireless network. The wireless network uses multiple access points and WPA2-Personal. You want to use the strongest authentication and encryption possible. SSID broadcast has been disabled. What should you do?

Configure the connection with a pre-shared key and AES encryption.

Which of the following functions are performed by a TPM?

Create a hash of system components

Hashing algorithms are used to perform which of the following activities?

Create a message digest.

Which of the following is a direct integrity protection?

Digital signature

Which EAP implementation is MOST secure?

EAP-TLS

Which of the following security solutions would prevent a user from reading a file that she did not create?

EFS

Which type of interference is caused by motors, heavy machinery, and fluorescent lights?

EMI

You would like to implement BitLocker to encrypt data on a hard disk, even if it is moved to another system. You want the system to boot automatically without providing a startup key on an external USB device. What should you do?

Enable the TPM in the BIOS.

Which class of wireless access point (WAP) has everything necessary to manage clients and broadcast a network already built into its functionality?

FAT

Which utility would you MOST likely use on OS X to encrypt and decrypt data and messages?

GPG

What is the main function of a TPM hardware chip?

Generate and store cryptographic keys

Which of the following is used to verify that a downloaded file has not been altered?

Hash

A birthday attack focuses on which of the following?

Hashing algorithms

Which of the following is generated after a site survey and shows the Wi-Fi signal strength throughout the building?

Heat map

Which type of attack is WEP extremely vulnerable to?

IV attack

To obtain a digital certificate and participate in a public key infrastructure (PKI), what must be submitted and where?

Identifying data and a certification request to the registration authority (RA)

You've used BitLocker to implement full volume encryption on a notebook system. The notebook motherboard does not have a TPM chip, so you've used an external USB flash drive to store the BitLocker startup key. You use EFS to encrypt the C:\Secrets folder and its contents. Which of the following is true in this scenario? (Select two.)

If the C:\Secrets\confidential.docx file is copied to an external USB flash drive, the file will be saved in an unencrypted state. By default, only the user who encrypted the C:\Secrets\confidential.docx file will be able to open it.

You want to protect data on hard drives for users with laptops. You want the drive to be encrypted, and you want to prevent the laptops from booting unless a special USB drive is inserted. In addition, the system should not boot if a change is detected in any of the boot files. What should you do?

Implement BitLocker with a TPM.

You are the security analyst for your organization. Clients are complaining about being unable to connect to the wireless network. After looking into the issue, you have noticed short bursts of high-intensity RF signals are interfering with your wireless network's signal. Which type of attack are you most likely experiencing?

Jamming

You are concerned that if a private key is lost, all documents encrypted with your private key will be inaccessible. Which service should you use to solve this problem?

Key escrow

Which of the following are true of Triple DES (3DES)?

Key length is 168 bits

Which of the following do switches and wireless access points use to control access through a device?

MAC address filtering

Which of the following is the weakest hashing algorithm?

MD5

The IT manager has tasked you with installing the new wireless LAN controller (WLC). Where should you install the controller?

Network closet

Cryptographic systems provide which of the following security services? (Select two.)

Non reputation/ confidentiality

When a sender encrypts a message using their own private key, which security service is being provided to the recipient?

Non-repudiation

Your computer system is a participant in an asymmetric cryptography system. You've crafted a message to be sent to another user. Before transmission, you hash the message and then encrypt the hash using your private key. You then attach this encrypted hash to your message as a digital signature before sending it to the other user. Which protection does the private key-signing activity of this process provide?

Non-repudiation

You want to implement 802.1x authentication on your wireless network. Where would you configure passwords that are used for authentication?

On a RADIUS server

Which technology was developed to help improve the efficiency and reliability of checking the validity status of certificates in large, complex environments?

Online Certificate Status Protocol

You need to implement a wireless network link between two buildings on a college campus. A wired network has already been implemented within each building. The buildings are 100 meters apart. Which type of wireless antenna should you use on each side of the link? (Select two.)

Parabolic/High-gain

Which of the following types of site surveys should be performed first?

Passive

Above all else, what must be protected to maintain the security and benefit of an asymmetric cryptographic solution, especially if it is widely used for digital certificates?

Private keys

Which of the following algorithms are used in symmetric encryption? (Select two.)

Blowfish/3DES

Which of the following sends unsolicited business cards and messages to a Bluetooth device?

Bluejacking

Which of the following can be classified as a stream cipher?

RC4

Which of the following algorithms are used in asymmetric encryption? (Select two.)

RSA/Dillie Hellman

An attacker is attempting to crack a system's password by matching the password hash to a hash in a large table of hashes he or she has. Which type of attack is the attacker using?

Rainbow

Your company security policy states that wireless networks are not to be used because of the potential security risk they present to your network. One day, you find that an employee has connected a wireless access point to the network in his office. Which type of security risk is this?

Rogue access point

In the certificate authority trust model known as a hierarchy, where does trust start?

Root CA

Which of the following does not or cannot produce a hash value of 128 bits?

SHA-1

Which type of wireless access point is generally used in a residential setting?

SOHO

Which of the following is used on a wireless network to identify the network name?

SSID

You have physically added a wireless access point to your network and installed a wireless networking card in two laptops that run Windows. Neither laptop can find the network. You have come to the conclusion that you must manually configure the access point (AP). Which of the following values uniquely identifies the network AP?

SSID

What is the process of adding random characters at the beginning or end of a password to generate a completely different hash called?

Salting

Mary wants to send a message to Sam in such a way that only Sam can read it. Which key should be used to encrypt the message?

Sam public key

A receiver wants to verify the integrity of a message received from a sender. A hashing value is contained within the digital signature of the sender. Which of the following must the receiver use to access the hashing value and verify the integrity of the transmission?

Sender's public key

An SSL client has determined that the certificate authority (CA) issuing a server's certificate is on its list of trusted CAs. What is the next step in verifying the server's identity?

The CA's public key must validate the CA's digital signature on the server certificate.

Which of the following database encryption methods encrypts the entire database and all backups?

Transparent Data Encryption (TDE)

When a cryptographic system is used to protect data confidentiality, what actually takes place?

Unauthorized users are prevented from viewing or accessing the resource.

Which of the following items are contained in a digital certificate? (Select two.)

Validity period/Public key

Which of the following best describes Bluesnarfing?

Viewing calendar, emails, and messages on a mobile device without authorization

You need to implement a solution to manage multiple access points in your organization. Which of the following would you most likely use?

WLS

You need to add security for your wireless network, and you would like to use the most secure method. Which method should you implement?

WPA2

Which of the following devices would you use to perform a site survey?

Wi-Fi analyzer

Which of the following is responsible for broadcasting information and data over radio waves?

Wireless access point

Which standard is most widely used for certificates?

X.509

You have just downloaded a file. You create a hash of the file and compare it to the hash posted on the website. The two hashes match. What do you know about the file?

Your copy is the same as the copy posted on the website.

What is the most obvious means of providing non-repudiation in a cryptography system?

digital signature

An attacker has intercepted near-field communication (NFC) data and is using that information to masquerade as the original device. Which type of attack is being executed?

relay

You need to configure a wireless network using WPA2-Enterprise. Which of the following components should be part of your design? (Select two.)

802.1x//AES encryption

Which of the following best describes an evil twin?

An access point that is configured to mimic a valid access point to obtain logon credentials and other sensitive information.

A PKI is an implementation for managing which type of encryption?

Asymmetric

You want a security solution that protects the entire hard drive and prevents access even if the drive is moved to another system. Which solution should you choose?

Bitlocker

Which of the following encryption mechanisms offers the least security because of weak keys?

DES

Which of the following should you set up to ensure encrypted files can still be decrypted if the original user account becomes corrupted?

DRA

Which type of password attack employs a list of pre-defined passwords that it tries against a login prompt?

Dictionary attack

The owner of a hotel has contracted with you to implement a wireless network to provide internet access for guests. The owner has asked that you implement security controls so that only paying guests are allowed to use the wireless network. She wants guests to be presented with a login page when they initially connect to the wireless network. After entering a code provided by the concierge at check-in, guests should then be allowed full access to the internet. If a user does not provide the correct code, he or she should not be allowed to access the internet. What should you do?

Implement a captive portal

You have downloaded a file from the internet. You generate a hash and check it against the original file's hash to ensure the file has not been changed. Which information security goal is this an example of?

Integrity

Which term means a cryptography mechanism that hides secret communications within various forms of data?

Steganography

Which form of cryptography is best suited for bulk encryption because it is so fast?

Symmetric key cryptography

You have transferred an encrypted file across a network using the Server Message Block (SMB) Protocol. What happens to the file's encryption?

The file is unencrypted when moved.

Which of the following would require that a certificate be placed on the CRL?

The private key is compromised.


Related study sets

Series 24 Error Log - Investment Banking

View Set

- chap 5- Bevahiour of Interest Rtes

View Set

English 700 Unit 8 TEST: NONFICTION AND COMMUNICATION

View Set

Imperialism, isolationism, and expansionism

View Set

Chemistry Ch. 12.3 and 12.4 Quiz

View Set