Quiz Questions Security +

Ace your homework & exams now with Quizwiz!

Which encryption/security measure, originally developed by Netscape, is used to establish a secure, lower-layer communication connection between two TCP/IP-based machines?

SSL

The ___________________ method of backup keeps all data that has ever been on the system, regardless of its value.

Full archival

The __________ backup method is based on the philosophy that a full backup should occur at regular intervals, such as monthly or weekly?

GFS

The cyberspace Security Enhancement Act gives law enforcement the right to:

Gain access to encryption keys

Which of the following is a passive method of threat response?

Logging the event

In TCP/IP parlance, any computer or device with an IP address on a TCP/IP network is known as a(n):

host

Which access control model is a static model that uses predefined access privileges for resources that are assigned by the administrator?

MAC

Which organization is tasked with developing standards for, and tries to improve, the Internet.

IETF

__________________ is an attack in which the intruder sends a frame to the AP with a spoofed address to make it look like it came from the victim and disconnects them from the network.

Disassociation

Which kind of security attack is a result of the trusting nature of human beings?

social engineering

Computer room humidity should ideally be kept above ___________________ percent.

50

Which feature of cloud computing involves dynamically provisioning (or de-provisioning) resources as needed?

Elasticity

With which type of technology will allow a device to function only if it is within certain geographical locations?

Geofencing

What is the machine on which virtualization software is running known as?

Host

The TCP protocol functions at which layer of the TCP/IP model?

Host-to-Host

A ___________________ is a backup location that can provide services within hours of complete system failure.

Hot site

A ___________________ is a repair made while the system being repaired remains in operation.

Hotfix

Which of the following is NOT one of the cloud delivery models recognized by NIST?

Hybrid Community Unlisted Private

Wireless Ethernet conforms to which IEEE standard?

IEEE 802.11

A ___________________is the term for an area in a building where access is individually monitored and controlled.

Security Zone

Which U.S. government agency publishes lists of known vulnerabilities in operating systems?

NIST

___________________ is a type of penetration/vulnerability testing that takes a passive approach rather than actually trying to break into the network.

Nonintrusive

Whether or not your server operating system can force the change of a password is considered what kind of a security issue?

Operational

Which PKCS standard is the standard for password-based cryptography?

PKCS #5

A firewall operating as a ___________________ firewall will pass or block packets based on their application or TCP port number.

Packet filter

Packets between the WAP server and the Internet may be intercepted. What is this vulnerability known as?

Packet sniffing

Which fire extinguisher type is the best to be used on computer equipment in the case of a computer fire?

Type C

Which hypervisor model needs the operating system to be up and cannot boot until it is?

Type II

To prevent files from being copied on a workstation to removable media, you should disable which ports?

USB

If you wanted to connect two networks securely over the Internet, what type of technology could you use?

VPN

What technology is used to simplify network setup by allowing a router to have the administrator push a button on it to allow a new host to join?

WPS

__________________ is the security layer for wireless 802.11 connections using WAP.

WTLS

"Full disclosure testing" is more often known as which of the following?

White box

Which "X" standard defines certificate formats and fields for public keys?

X.509

A ___________________ is a system designed to fool attackers into thinking a system is unsecured so they will attack it. Then the "victim" will learn their attack methods without compromising a live system.

Honey pot

Which of the following is a single sign-on system used widely on the Internet?

Shibboleth

How many channels does the 802.11 standard define?

14

What TCP port does HTTP use?

80

Which security standard is used to encrypt e-mails?

S/MIME

Which type of risk strategy is undertaken when you attempt to reduce the risk?

mitigation

If SLE is calculated at $2,500 and there are an anticipated 4 occurrences a year (ARO), then ALE is:

$10,000

Your company owns a printing press worth $100,000. If it were damaged in a fire, it would be worth $8,000 in parts. What would the single loss expectance (SLE) be?

$8000 (Using the formula SLE = Asset value * exposure factor, you come up with $100,000 8%, or $8,000)

How many programs are traditionally run during vulnerability scanning?

1

What TCP port does Telnet use?

23

Which of the following is NOT an asymmetric encryption algorithm?

3DES

Which of the following will NOT contribute to network hardening?

>>>>Installing new anti-virus software on workstations Updating network switch firmware to newest versions Putting passwords on all remote-configurable network hardware Locking down all unused ports on the firewall

Which of the following is used to refer to any sophisticated series of related attacks taking place over an extended period of time?

APT

Which access control method model allows the owner of a resource to grant privileges to information they own?

DAC

Which of the following is the process of ensuring that policies, procedures, and regulations are carried out in a manner consistent with organizational standards?

Auditing

Which of the following is not part of the CIA triad?

Avoidance

Which of the following is an attack where a program or service is placed on a server to bypass normal security procedures?

Backdoor

Which method of code breaking tries every possible combination of characters in an attempt to "guess" the password or key?

Brute Force

Which method of attack against a password happens when an attacker tries many different combinations of alphanumeric characters until successful?

Brute force

Which encryption algorithm uses a 40 to 128-bit key and is used on many products from Microsoft and IBM?

CAST

Your company has given you a laptop to use as you travel. What category does this laptop fall under?

COPE

Individuals who specialize in the making of codes are known as

Cryptographers

Servers or computers that have two NIC cards, each connected to separate networks, are known as what type of computers?(TCOs F and G)

Dual-homed

Which of the following Evaluation Assurance Levels (EAL) specifies that the user wants assurance that the system will operate correctly, but threats to security are not viewed as serious?

EAL 1

Which of the following Evaluation Assurance Levels (EAL) is the common security benchmark for commercial systems?

EAL 4

Which type of attack is one in which a rogue wireless access point poses as a legitimate wireless service provider to intercept information that users transmit?

Evil twin

You've been notified that you'll soon be transferred to another site. Before you leave, you're to audit the network and document everything in use and the reason why it's in use. The next administrator will use this documentation to keep the network running. Which of the following protocols isn't a tunneling protocol but is probably used at your site by tunneling protocols for network security?

IPSec

Which of the following is a series of standards that define procedures for implementing electronically secure industrial automation and control systems?

ISA/IEC-62443

A(n) ___________________ is a broad term that applies to a wide range of systems used to manage information security.

ISMS

Which of the following is NOT one of the three cloud service models recognized by the NIST?

IaaS SaaS PaaS XaaS

__________________ is the first step in the incident response cycle.

Incident identification

___________________ are used to monitor a network for suspect activity.

Intrusion detection system

How does a user obtain a Message Authentication Code (MAC)?

It is derived from the message itself using an algorithm

Which authentication method uses a Key Distribution Center (KCD)?

Kerberos

When assigning permissions to users, which principle should you adhere to?

Least privilege

When the entire network, including all security devices, is virtualized, this is known as:

SDN

Which hashing algorithm uses a 160-bit hash value?

SHA

Which of the following is NOT a tunneling protocol?

SLIP (L2F is)

What is it known as when an attacker manipulates the database code to take advantage of a weakness in it?

SQL injection

Which of the following is a type of attack that occurs when an attacker pretends to be a legitimate client, using information it has gained from a legitimate client (like it's IP address).

Spoofing

What kind of cryptographic method replaces one character with another from a "match-up list" to produce the ciphertext? The decoder wheels kids get in cereal boxes often make this kind of cryptography.

Substitution cipher

Which of the following is an internal threat?

System Failure

Which remote access protocol, implemented almost exclusively by Cisco, is a central server providing remote access usernames that dial-up users can use for authentication.

TACACS+

The area of an application that is available to users (those who are authenticated as well as those who are not) is known as its:

attack surface

Which of the following is NOT necessary to back up?

Applications

Locking the door(s) to the server room involves what kind of security?

Physical

What protocol is used by technologies for load balancing/prioritizing traffic?

QoS

You have taken out an insurance policy on your data/systems to share some of the risk with another entity. What type of risk strategy is this?

Transference

You are the administrator for Mercury Technical. Due to several expansions, the network has grown exponentially in size within the past two years. Which of the following is a popular method for breaking a network into smaller private networks that can coexist on the same wiring and yet be unaware of each other?

VLAN

Which RAID level provides for no fault tolerance?

RAID 0

Which of the following is an IPsec header used to provide a mix of security services in IPv4 and IPv6?

ESP

According to the TCP/IP model, HTTP functions at which layer?

Application

You are the administrator of the sybex.com website. You are working when suddenly web server and network utilization spikes to 100% and stays there for several minutes and users start reporting "Server not available" errors. You may have been the victim of what kind of attack?

DoS

The process of making a computing environment more secure from attacks and intruders is known as ___________________.

Hardening

On the outer edge of physical security is the first barrier to entry. This barrier is known as a(n) ___________________.

Perimeter

__________________ provide rules for expected behaviors to people in an organization.

Policies

Which type of tool would best describe Nmap?

Vulnerability scanner

Which level of RAID is a "stripe of mirrors"?

RAID 1+0 or 10

A ___________________ is used to provide EMI & RFI shielding for an entire room of computer or electronic equipment (also used to prevent eavesdropping).

Faraday cage

Which of the following security features are not needed in a SAN?

Firewall Antivirus User access control {None of the above}

Which of the following devices are the first line of defense for networks connected to the Internet?

Firewalls

Separation of duties polices are designed to reduce the risk of what?

Fraud

You've been chosen to lead a team of administrators in an attempt to increase security. You're currently creating an outline of all the aspects of security that will need to be examined and acted upon. Which of the following terms describes the process of improving security in an NOS?

Hardening

Which of the following is NOT a routing protocol?

ICMP (RIP, BGP, OSPF)

Which set of applications is designed to allow XML-based programs access to PKI services?

XKMS

A major organization in the tracking and reporting of common computer and network security problems is ___________________.

CERT

If RF levels become too high, it can cause the receivers in wireless units to become deaf. The process is called:

Desensitizing

Which of the following is a wireless networking technology that uses two or more streams of data transmission to increase data throughput?

MIMO

Which method of cryptography uses a sequence of photons to represent the encrypted data?

Quantum Cryptography

Which access control method model grants rights or privileges based on their job function or position held?

RBAC


Related study sets

Unit 4 Debt Securities Questions

View Set

Combo with "HESI A2 MATH" and 1 other

View Set

anatomy and physiology 1: chapter 13

View Set

Ch 37: Musculoskeletal Trauma PrepU

View Set