Security + SY0-401_Class
Which security standard is used to encrypt e-mails?
S/MIME
Which of the following is a hashing algorithm?
SHA
A domain server is valued at $2,500 and there are is an anticipated 2.5% chance of the domain server needing to be replaced in a given year. Calculate the ALE: ALE = SLE * ARO
$62.50
Which of the following is the most common hashing algorithm used for web based digital certificates?
SHA-2
Which of the following cloud computing solutions will deliver software applications to a client either over Internet or on a local area network?
SaaS
What is the term for restricting an application to a safe/restricted memory area?
Sandboxing
which type of cloud delivery models is offered to all users?
Public Cloud
Which of the following is the second highest classification level in the government (according to the course text)?
Secret
Which of the following is the term for an area in a building where access is individually monitored and controlled?
Security Zone
How many bits are used for addressing with IPv6?
128
What TCP port does SSH use?
22
Which port does non-encrypted LDAP use?
389
Which of the following is NOT an asymmetric encryption algorithm?
3DES
Computer room humidity should ideally be kept at what percent?
50
Which remote access protocol, implemented almost exclusively by Cisco, is a central server providing remote access usernames that dial-up users can use for authentication?
TACACS+
Which U.S. regulation dictates the standards for storage, use, and transmission of personal medical information?
HIPAA
The process of reducing the attack surface of a host system by keeping the OS updated, closing unused ports, and only running necessary services is called?
Hardening
Which of the following 802.11 standards is often referenced as WPA2?
802.11i
Which of the following 802.11 protocols has the fastest transmission speed?
802.11n
WPA utilizes which technology to fix the security weakness with WEP?
TKIP
Which of the following is an example of two-factor authentication?
A fingerprint and a password
Which of the following is the strongest form of multi-factor authentication?
A password, biometric scan, and a token device
Which of the following is a security concern regarding virtualization?
A successful attack on the hypervisor could provide root-level access to all virtual machines on the host system
Which of the following statements is true?
A virus requires a user action to propagate and infect other host systems
Which encryption algorithm is utilized by WPA II and based on Rijndael?
AES
The FTP protocol functions at which layer of the TCP/IP model?
Application
Which of the following is NOT a goal of information security?
Archival
Establishing a standard for security and using it to verify the security configuration of a host is called which of the following?
Baselining
Which of the following security device uses some biological characteristic of human beings to uniquely identify a person for authentication?
Biometric
What term below is used to describe an attack that sends unsolicited messages to Bluetooth enabled devices?
Bluejacking
A Bluetooth attack in which the attacker accesses unauthorized information from a wireless device using a Bluetooth connection, is known as?
Bluesnarfing
Which certificate authority (CA) trust model is best suited to provide flexibility and interoperability between different organizations?
Bridge Trust Model
Which method of attack against a password happens when an attacker tries many different combinations of alphanumeric characters until successful?
Brute force
A programmer that fails to check the length of input before processing leaves the code vulnerable to what form of common attack?
Buffer overflow
Due to the private key being compromised, a digital certificate must must be revoked so it is never used again. What is often used to revoke a certificate?
CRL
How can an administrator force wireless clients to use a standard web browser to provide information, and require a user to agree to a use policy or present valid login credentials?
Captive portal access point
Which of the following is primarily subject to an SQL injection attack?
Database servers
Which of the following can be used to stop piggybacking that has been occurring at a front entrance where employees should swipe their smart cards to gain entry?
Deploy a mantrap
You have a worker who is about to take a 6 month maternity leave. How should you handle her user account?
Disabled, regardless of the circumstances
You are the administrator of a website that is hosted on a server under your control. You suddenly notice a spike in CPU and RAM utilization and thousands of half-open connections (3-way handshake not completed). What type of attack are you most likely experiencing?
DoS
Your company is getting rid of old 1GB USB flash drives that contain sensitive data. What is the proper method of disposing of this type of storage media?
Drilling a hole into the flash memory component of the USB drives and then discarding them
Servers or computers that have two NIC cards, each connected to separate networks, are known as what type of computers?
Dual-homed
Which of the following Evaluation Assurance Levels (EAL) is the common security benchmark for commercial systems?
EAL 4
Which of the following is generally an immediate and urgent security update for software?
Hotfix
Which of the following statements about electrostatic discharge (ESD) is not correct?
ESD is much more likely to occur when the relative humidity is above 50%
Which of the following is an advantage of using virtualization?
Easy migration of virtual machines to different hardware systems
Which of the following is a solution that addresses physical security?
Escort visitors at all times
Which of the following dictates that educational institutions may not release information to unauthorized parties without the express permission of the student?
FERPA
Which of the following is used to provide EMI & RFI shielding for an entire room of computer or electronic equipment (also used to prevent eavesdropping)?
Faraday cage
Which of the following devices are the first line of defense for networks connected to the Internet?
Firewalls
Separation of duties polices are designed to reduce the risk of what?
Fraud
A small company had a hard drive go down on an important server and the backup must be utilized to restore the data. Restoring the backup will require the most recent full backup along with the backup that has all changes since the last full. This backup method continues to backup files once the file has been initially modified because it does not clear the archive bit. Which type of backup method is being utilized?
Full with differential
A software company is testing a new application by providing unexpected values as input to try and make it crash. Which of the following answers best describes this technique?
Fuzzing
Which of the following prohibits banks from releasing information to nonaffiliated third parties without permission?
Gramm-Leach-Bliley Act
What are the virtual machines (VMs) called that reside on a computer?
Guests
IPv6 has mandatory requirements built-in for which security protocol?
IPSec
Which type of policy determines if information is secret, top-secret, or public?
Information classification policies
A company decides that a network administrator and a database administrator should exchange positions one week every month in order to allow more oversight over each others position. Which of the following is this an example of?
Job Rotation
Which authentication method uses a Key Distribution Center (KDC)?
Kerberos
When assigning permissions to users, which principle should you adhere to?
Least privilege
An End User License Agreement (EULA) for software would typically be considered what classification of information?
Limited Distribution
Which of the following is a passive method of threat response?
Logging the event
Which access control model is a static model that uses predefined access privileges for resources that are assigned by the administrator?
MAC
Which of the following logs is not automatically generated in Windows Event Viewer?
Msconfig
You desire a product that has the ability to detect a distributed denial of service attack on your network and take an action to stop the attack. Which type of product does this describe?
NIPS
Which U.S. government agency is responsible for creating and breaking codes?
NSA
Which of the following Microsoft file systems allows native encryption of folders and files?
NTFS
The Certificate Revocation List (CRL) takes time to be fully disseminated. Which protocol allows a certificate's authenticity to be immediately verified?
OCSP
Which of the following is the least likely to improve host security?
Only implement Internet Explorer as a web browser
Whether or not your server operating system can force the change of a password is considered what kind of a security issue?
Operational
Which EAP protocol creates an encrypted channel between the client authentication server and the client, and can uses Microsoft Windows logins and passwords?
PEAP
Which PKCS standard is the standard for password-based cryptography?
PKCS #5
Which of the following remote access protocol should not be selected for a WAN VPN connection due to lack of security features?
PPP
Which of the following best describes the Platform as a Service (PaaS) cloud computing service model?
PaaS delivers everything a developer needs to build an application onto the cloud infrastructure.
Which of the following types of firewalls will pass or block packets based on their application or TCP port number.
Packet filter
On the outer edge of physical security is the first barrier to entry. This barrier is known as which of the following?
Perimeter
Locking the door(s) to the server room involves what kind of security?
Physical
As you browse the Internet, you notice that when you go to some sites, multiple additional windows are opened automatically. Many of these windows contain advertisements for products that are inappropriate for your family to view. Which tool can you implement to prevent these windows from showing?
Pop-up blocker
In a PKI environment, which entity is typically used to identify an individual for certificate issue?
RA
Which RAID array provides no fault tolerance?
RAID 0
Which of the following RAID levels is for disk striping that then gets mirrored? It is also called a mirror of stripes.
RAID 0+1
Which access control method model grants rights or privileges based on their job function or position held?
RBAC
What is the primary type of database used in applications today?
Relational
A digital file containg a comany's proprietary processes and strategic information would be classified as which of the following?
Restricted
Which type of virus attacks or bypasses the antivirus software installed on a computer?
Retrovirus
Which of the following is a type of attack that occurs when an attacker pretends to be a legitimate client, using information it has gained from a legitimate client (like it's IP address).
Spoofing
Which answer choices is correct as it relates to the following: It deals with specific issues or aspects of a business. It is derived from policies. IT should provide enough detail that an audit can be performed to determine whether it is being met.
Standard
What kind of cryptographic method replaces one character with another from a "match-up list" to produce the ciphertext?
Substitution cipher
Which of the following is an internal threat?
System Failure
Which of the following is the name assigned to a chip that can store cryptographic keys, passwords, or certificates and is often used for whole disk encryption?
TPM
Which of the following is a best practice as it relates to operating system updates?
Test the update first on computers in a non-production environment prior to rolling the update out to your production computers
You have taken out an insurance policy on your data/systems to share some of the risk with another entity. What type of risk strategy is this?
Transference
Which fire extinguisher type is the best to be used on computer equipment in the case of a computer fire?
Type C
Which hypervisor model needs the operating system to be up and cannot boot until it is?
Type II
Recently, a Web site named www.vidshare.com has become extremely popular with users around the world. An attacker registers the following domain names: www.videoshare.com www.vidsshare.com What type of attack has occurred in this scenario?
Typosquatting
Which of the following is NOT one of the cloud delivery models recognized by NIST?
Unlisted
If you wanted to connect two private networks securely over the Internet, what type of technology could you use?
VPN
Which protocol is used by cell phones to enable access to the Internet to view web pages in a format where the web page is properly formatted on a small screen?
WAP
What technology is targeted more at the consumer rather than the enterprise and is used to simplify wireless network setup by pushing a button on the wireless router and then the end user types in a PIN code?
WPS
What is the name given to targeting a significant person in a business such as the CEO with a social engineering attack?
Whaling
A list of applications approved for use on your network would be known as which of the following?
Whitelist
In Windows, what tool is most commonly used to disable a port?
Windows Firewall
Which "X." standard defines certificate formats and fields for public keys?
X. 509
Which of the following is not a component of Public Key Infrastructure (PKI)?
XA
Which of the following is an attack that is possible because user input is not validated and malicious scripts are injected into Web pages to redirect users to another website that may infect the visitor with malware when the web page is downloaded by the browser to the web client?
XSS
Which of the following is NOT one of the three cloud service models recognized by the NIST?
XaaS
Which of the following answer choices correctly describes a false positive?
You are alerted to a security situation when you should not have been
What is the name of a computer that is infected with Malware and under the control of a bot herder?
Zombie
What type of access point is configured by an attacker in such a manner that it mimics an authorized access point?
evil twin
In TCP/IP parlance, any computer or device with an IP address on a TCP/IP network is known as a(n):
host
Which of the following is NOT a tunneling protocol?
SLIP
Which of the followingis a slang term for unwanted commercial e-mail?
SPAM
Which encryption protocol below is used in the WPA2 standard?
AES
Which of the following symmetric encryption types is the primary current standard used by U.S. governmental agencies?
AES
Which of the following is a policy that defines appropriate activities and usage for company resources, assets, and communications?
Acceptable Use Policy
Which of the following is an advantage of SSO (Single Sign-on)?
Access to all authorized resources with a single instance of authentication
Which of the following indicates a current ongoing problem that needs to be investigated right away?
Alarm
Individuals who specialize in the making of codes are known as which of the following?
Cryptographers
When your servers become too busy on your network, you can offload traffic to resources from a cloud provider. This is known as which of the following?
Cloud bursting
Which of the following is not true regarding cloud computing?
Cloud computing requires end-user knowledge of the physical location and configuration of the system that delivers the services.
What type of systems utilize parallel processing which improves performance and availability and adds redundancy?
Clustered
What is the name of a site that is a location a company can move into if there is a disaster at their primary location but the site does not have a computer network or backups?
Cold site
Which access control method model allows the owner of a resource to grant privileges to information they own?
DAC
Which software security system monitors the contents of hosts to make sure key content is not deleted or removed?
Data Loss Prevention
You desire a software product that will monitor a server and detect abnormal conditions such as services starting that are not part of the baseline configuration. You want the software product to send you an alert if it detects an abnormal condition but not take an action. Which type of product does this describe?
HIDS
Which is the name for a host device that is intentionally placed on the network to lure attackers?
Honeypot
In order to run "sniffer" software properly, the NIC in the computer running the software must be set to which of the following?
Promiscuous Mode
Which command should you use to learn the IP address of a Windows based machine?
ipconfig
Which type of risk strategy is undertaken when you attempt to reduce the risk?
mitigation
An access point that is unauthorized and allows an attacker to bypass network security configurations is considered to be what type of access point?
rogue
Which kind of security attack is a result of the trusting nature of human beings?
social engineering
Which of the following is a system designed to fool attackers into thinking a system is unsecured so they will attack it. Then the "victim" will learn their attack methods without compromising a live system?
Honey Pot
Which of the following is the term used to describes data from different customers residing on separate virtual machines that are on the same physical machine with a cloud based provider?
Hypervisor and Multitenancy
