1400 Flashcards by Landon Todd

Which of the following cannot be used along with fencing as a security perimeter? A. vapor barrier B. rotating spikes C. roller barrier D. anti-climb pain

A. vapor barrier

How well did you know this?

Not at all

Perfectly

A __________ can be used to secure a mobile device. A. cable lock B. mobile chain C. security tab D. mobile connector

A. cable lock

How well did you know this?

Not at all

Perfectly

Which of the following is not used to secure a desktop computer? A. data encryption B. screen locking C. remote wipe/sanitation D. strong passwords

C. remote wipe/sanitation

How well did you know this?

Not at all

Perfectly

Which is the first step in securing an operating system? A. implement patch management B. configure operation system security and settings C. perform host software baselining D. develop the security policy

D. develop the security policy

How well did you know this?

Not at all

Perfectly

A typical configuration baseline would include each of the following except __________. A. changing any default settings that are insecure B. eliminating any unnecessary software C. enabling operating system security features D. performing a security risk assessment

D. performing a security risk assessment

How well did you know this?

Not at all

Perfectly

Which of the following is NOT a Microsoft Windows setting that can be configured through a security template? A. account policies B. user rights C. keyboard mapping D. system services

C. keyboard mapping

How well did you know this?

Not at all

Perfectly

__________ allows for a single configuration to be set and then deployed to many or all users. A. group policy B. active directory C. snap-in replication (SIR) D. command configuration

A. group policy

How well did you know this?

Not at all

Perfectly

A __________ addresses a specific customer situation and often may not be distributed outside that customer’s organization. A. rollup B. service pack C. patch D. hotfix

D. hotfix

How well did you know this?

Not at all

Perfectly

Which of the following is NOT an advantage to an automated patch update service? A. Administrators can approve or decline updates for client systems - force updates to install by a specific date - and obtain reports on what updates each computer needs B. Downloading patches from a local server instead of using the vendor’s online update service can save bandwidth and time because each computer does not have to connect to an external server C. users can disable or circumvent updates just as they can if their computer is configured to use the vendor’s online update service. D. Specific types of updates that the organization does not test - such as hotfixes - can be automatically installed whenever they become available.

C. users can disable or circumvent updates just as they can if their computer is configured to use the vendor’s online update service.

How well did you know this?

Not at all

Perfectly

Each of the following is a type of matching used by anti-virus software except __________. A. string scanning B. wildcard scanning C. match scanning D. mismatch scanning

C. match scanning

How well did you know this?

Not at all

Perfectly

How does heuristic detection detect a virus? A. a virtualized environment is created and the code is executed in it B. A string of bytes from the virus is compared against the suspected file C. The bytes from the virus are placed in different “piles” and then used to create a profile D. The virus signature file is placed in a suspended chamber before streaming to the CPU

A. a virtualized environment is created and the code is executed in it

How well did you know this?

Not at all

Perfectly

A cross-site request forgery (XSRF) __________. A. is used to inherit the identity and privileges of the victim B. is identical to cross-site scripting (XSS) C. cannot be blocked D. can only be used with a Web-based e-mail client

A. is used to inherit the identity and privileges of the victim

How well did you know this?

Not at all

Perfectly

Which of the following is a list of approved e-mail senders? A. whitelist B. blacklist C. greylist D. greenlist

A. whitelist

How well did you know this?

Not at all

Perfectly

A(n) __________ can provide details regarding requests for specific files on a system. A. audit log B. access log C. report log D. file log

B. access log

How well did you know this?

Not at all

Perfectly

Errors that occur while an application is running are called __________. A. exceptions B. faults C. liabilities D. conventions

A. exceptions

How well did you know this?

Not at all

Perfectly

Which is the preferred means of trapping user input for errors? A. Input validation B. On-trap input C. escaping D. Fuzz testing

C. escaping

How well did you know this?

Not at all

Perfectly

Each of the following is true about data loss prevents (DLP) except __________. A. it can only protect data in use B. it can scan data on a DVD C. it can read inside compressed files D. a policy violation can generate a report or block the data

A. it can only protect data in use

How well did you know this?

Not at all

Perfectly

Network hardware that provides multiple security functions.

All-In-One Network Security Appliance

How well did you know this?

Not at all

Perfectly

A monitoring technique used by an IDS that creates a baseline of normal activities and compares actions against the baseline. Whenever a significant deviation from this baseline occurs - an alarm is raised.

Anomaly-Based Monitoring

How well did you know this?

Not at all

Perfectly

A monitoring technique used by an IDS that uses the normal processes and actions as the standard and compares actions against it.

Behavior-Based Monitoring

How well did you know this?

Not at all

Perfectly

A separate network that rests outside the secure network perimeter; untrusted outside users can access the DMZ but cannot enter the secure network.

Demilitarized Zone (DMZ)

How well did you know this?

Not at all

Perfectly

A monitoring technique used by an IDS that uses an algorithm to determine if a threat exists.

Heuristic Monitoring

How well did you know this?

Not at all

Perfectly

A software-based application that runs on a local host computer that can detect an attack as it occurs.

Host Intrusion Detection System (HIDS)

How well did you know this?

Not at all

Perfectly

A device designed to be active security; it can detect an attack as it occurs.

Intrusion Detection System (IDS)

How well did you know this?

Not at all

Perfectly

A device that can direct requests to different servers based on a variety of factors - such as the number of server connections - the server's processor utilization - and overall performance of the server.

Load Balancer

A technique that examines the current state of a system or network device before it is allowed to connect to the network.

Network Access Control (NAC)

A technique that allows private IP addresses to be used on the public Internet.

Network Address Translation (NAT)

A technology that watches for attacks on the network and reports back to a central device.

Network Intrusion Detection System (NIDS)

A technology that monitors network traffic immediately react to block a malicious attack.

Network Intrusion Prevention System (NIPS)

A computer or an application program that intercepts a user request from the internal secure network and then processes that request on behalf of the user.

Proxy Server

Any combination of hardware and software that enables remote users to access a local internal network.

Remote Access

A computer or an application program that routes incoming request to the correct server.

Reverse Proxy

A device that can forward packets across computer networks.

Router

A monitoring technique used by an IDS that examines network traffic to look for well-known patterns and compares the activities against a predefined signature.

Signature-Based Monitoring

A technique that uses IP addresses to divide a network into network - subnet - and host.

Subnetting (Subnet Addressing)

A device that connects network segments and forwards only frames intended for that specific device or frames sent to all devices.

Switch

A technology that allows scattered users to be logically grouped together even though they may be attached to different switches.

Virtual LAN (VLAN)

A technology to use an unsecured public network - such as the Internet - like a secure private network.

Virtual Private Network (VPN)

A device that aggregates hundreds or thousands of VPN connections.

VPN Concentrator

A special type of firewall that looks more deeply into packets that carry HTTP traffic.

Web Application Firewall

A device that can block malicious content in "real time" as it appears (without first knowing the URL of a dangerous site).

Web Security Gateway

ISO stands for the __________.

International Organization for Standardization

OSI stands for the __________.

Open Systems Interconnection

Which of the following is true about subnetting? A. it requires the use of a Class B network B. it divides the network IP address on the boundaries between bytes C. it provides very limited security provisions D. it is also called subnet addressing

D. it is also called subnet addressing

A virtual LAN (VLAN) allows devices to be grouped __________. A. based on subnets B. logically C. directly to hubs D. only around core switches

B. logically

Which of the following devices is easier for an attacker to take advantage of to capture and analyze packets? A. hub B. switch C. router D. load balancer

A. hub

Which of the following is not an attack against a switch? A. MAC flooding B. ARP address impersonation C. ARP poisoning D. MAC address impersonation

B. ARP address impersonation

Which of the following is not true regarding a demilitarized zone (DMZ)? A. it provides an extra degree of security B. it typically includes an e-mail or Web server C. it can be configured to have one or two firewalls D. it contains servers that are used only by internal network user

D. it contains servers that are used only by internal network users

Which of the following is true about network address translation (NAT)? A. it substitutes MAC addresses for IP addresses B. it removes private addresses when the packet leaves the network C. it can be found only on core routers D. it can be stateful or stateless

B. it removes private addresses when the packet leaves the network

Which of the following is not an advantage of a load balancer? A. the risk of overloading a desktop client is reduced B. network hosts can benefit from having optimized bandwidth C. network downtime can be reduced D. DoS attacks can be detected and stopped

A. the risk of overloading a desktop client is reduced

Which of the following is another name for a packet filter? A. proxy server B. reverse proxy server C. DMZ D. firewall

D. firewall

A __________ firewall allows the administrator to create sets of related parameters that together define one aspect of the device's operation. C. proxy server A. content filter B. host detection server C. proxy server

D. settings-based

A(n) __________ intercepts an internal user request and then processes that request on behalf of the user. A. content filter B. host detection server C. proxy server D. intrusion prevention device

C. proxy server

A reverse proxy __________. A. only handles outgoing requests B. is the same as a proxy server C. must be used together with a firewall D. routes incoming requests to the correct server

D. routes incoming requests to the correct server

Which is the preferred location for a spam filter? A. install the spam filter with the SMTP server B. install the spam filter on the POP3 server C. install the spam filter on the proxy server D. install the spam filter on the local host client

A. install the spam filter with the SMTP server

A __________ watches for attacks and sounds an alert only when one occurs. A. network intrusion prevention system (NIPS) B. proxy intrusion device C. network intrusion detection systems (NIDS) D. firewall

C. network intrusion detection system (NIDS)

A multipurpose security device is known as a(n) __________. A. unified attack management system (UAMS) B. intrusion detection/prevention device C. all-in-one network security appliance D. proxy security system (NSS)

C. all-in-one network security appliance

Each of the following can be used to hide information about the internal network except __________. A. a protocol analyzer B. a proxy server C. network address translation (NAT) D. subnetting

A. a protocol analyzer

What is the difference between a network intrusion detection system (NIDS) and a network intrusion prevention system (NIPS)? A. A NIPS can take actions quicker to combat an attack B. A NIDS provides more valuable information about attacks C. A NIPS is much slower because it uses protocol analysis D. There is no difference because a NIDS and a NIPS are equal

A. A NIPS can take actions quicker to combat an attack

A variation of NAT that is commonly found on home routers is ___________. A. port address translation (PAT) B. network proxy translation (NPT) C. network address IP transformation (NAIPT) D. subnet transformation (ST)

A. port address translation (PAT)

If a device is determined to have an out-of-date virus signature file - then Network Access Control (NAC) can redirect that device to a network by __________. A. a Trojan horse B. TCP/IP hijacking C. Address Resolution Protocol (ARP) poisoning D. DHCP man-in-the-middle

C. Address Resolution Protocol (ARP) poisoning

Each of the following is an option in a firewall rule except __________. A. prompt B. block C. delay D. allow

C. delay

A firewall using __________ is the most secure type of firewall. A. stateful packet filtering B. network intrusion detection system replay C. stateless packet filtering D. reverse proxy analysis

C. stateless packet filtering

A pay-per-use computing model in which customers pay only for the computing resources that they need - and the resources can be easily scaled.

Cloud Computing

A security technique to turn off ports on a network device that are not required.

Disabling Unused Ports

An unsecure TCP/IP protocol that is commonly used for transferring files.

File Transfer Protocol (FTP)

A feature that controls a device's tolerance for unanswered service requests and helps to prevent a DoS attack.

Flood Guard

A TCP/IP protocol that uses Secure Sockets Layer/Transport Layer Security (SSL/TLS) to encrypt commands sent over the control port (Port 21) in an FTP session.

FTP using Secure Sockets Layer (FTPS)

A standard that blocks all traffic on a port-by-port basis until the client is authenticated using credentials stored on an authentication server.

IEEE 802.1x

A TCP/IP protocol that is used by devices to communicate updates or error information to other devices.

Internet Control Message Protocol (ICMP)

The next generation of the IP protocol that addresses weaknesses of IPv4 and provides several significant improvements.

Internet Protocol Version 6 (IPv6)

Using a data-based IP network to add digital voice clients and new voice application onto the IP network.

IP Telephony

Preventing broadcast storms by using the IEEE 802.1d standard spanning-tree algorithm (STA).

Loop Protection

A security technique to limit the number of media access control (MAC) addresses allowed on a single port.

MAC Limiting and Filtering

The process of administration that relies on following procedural and technical rules.

Rule-Based Management

A TCP/IP protocol used mainly on UNIX and Linux devices that securely transports files by encrypting files and commands.

Secure Copy Protocol (SCP)

A secure TCP/IP protocol that is used for transporting files by encrypting and compressing all data and commands.

Secure FTP (SFTP)

A TCP/IP protocol that exchanges management information between networked devises. It allows network administrators to remotely monitor - manage - and configure devices on the network.

Simple Network Management Protocol (SNMP)

The most common protocol suite used today for local area networks (LANs) and the Internet.

Transmission Control Protocol/Internet Protocol (TCP/IP)

A means of managing and presenting computer resources by function without regard to their physical layout or location.

Virtualization

The TCP/IP architecture uses how many layers?

D. four

Which of the following would not be a valid Internet Control Message Protocol (ICMP) error message? A. Network unreachable B. Host unreachable C. router delay D. Destination Network unknown

C. router delay

Each of the following attacks uses Internet Control Message Protocol (ICMP) except __________. A. Smurf DoS attack B. ICMP Redirect attack C. Ping of Death D. ICMP poisoning

D. ICMP poisoning

Which version of Simple Network management Protocol (SNMP) is considered the most secure? A. SNMPv2 B. SNMPv3 C. SNMPv4 D. SNMPv5

B. SNMPv3

Which of the following Domain Name System (DNS) attacks substitutes a fraudulent IP address for a symbolic name? A. DNS replay B. DNS poisoning C. DNS masking D. DNS forwarding

B. DNS poisoning

Which of the following is the most secure protocol for transferring files? A. SCP B. FTPS C. SFTP D. FTP

C. SFTP

The address space in an IPv6 header is __________ bits in length. A. 32 B. 64 C. 128 D. 256

C. 128

Each of the following is a technique for securing a router except __________. A. make all configuration changes remotely B. secure all ports C. use a meaningful router name D. set a strong administrator password

A. make all configuration changes remotely

Which of the following is true regarding a flood guard? A. it is a separate hardware appliances that is located inside the DMZ B. it can be used on either local host systems or network devices C. it protects a router from password intrusion D. it prevents DoS or DDoS attacks

D. it prevents DoS or DDoS attacks

Each of the following is a type of a network security hardware log except __________. A. local host anti-virus log B. NIDS and NIPS logs C. proxy server log D. firewall log

A. local host anti-virus log

Each of the following is an entry in a firewall log that should be investigated except __________. A. IP addresses that are being rejected and dropped B. suspicious outbound connections C. IP addresses that are being rejected and dropped D. successful logins

D. successful logins

If a group of users must be separated from other users - which is the most secure network design? A. use a VLAN B. connect them to different switches and routers C. use a subnet mask D. it is impossible to separate users on a network

B. connect them to different switches and routers

Why is loop protection necessary? A. it denies attackers from launching DDoS attacks B. it prevents a broadcast storm that can cripple a network C. it must be installed before IEEE 802.1d can be implemented D. it makes a DMZ more secure

B. it prevents a broadcast storm that can cripple a network

What does MAC limiting and filtering do? A. it limits devices that can connect to a switch B. it prevents Address Resolution Protocol spoofing C. it provides security for a router D. it allow only approved wireless devices to connect to a network

A. it limits devices that can connect to a switch

In a network using IEEE 802.1x - a supplicant __________. A. makes a request to the authenticator B. contacts the authentication server directly C. can only be a wireless device D. must use IEEE 802.11d to connect to the network

A. makes a request to the authenticator

Which of the following is true regarding security for a computer that boots to Apple Mac OS X and then runs a Windows 7 virtual machine? A. the security of the Apple Mac OS X completely protects the Windows 7 virtual machine B. the security of the Windows 7 virtual machine completely protects the Apple Mac OS X C. the Windows 7 virtual machine needs its own security D. the hypervisor protects both the Apple Mac OS X and Windows 7 operating systems

C. the Windows 7 virtual machine needs its own security

Which of the following is not an advantage of host virtualization? A. penetration testing can be performed using a simulated network environment on a computer using multiple virtual machines B. only on copy of anti-virus software is needed C. security patches can be tested D. host operating system virtualization can be used for training purposes

B. only one copy of anti-virus software is needed

Which of the following is not a security concern of virtualized environments? A. virtual machines must be protected from both the outside world and also from other virtual machines on the same physical computer. B. virtual servers are less expensive than their physical counterparts C. live migration can immediately move one virtualized server to another hypervisor D. physical security appliances are not always designed to protect virtual systems

B. virtual servers are less expensive than their physical counterparts

__________ is adding digital voice clients and new voice applications onto the IP network. A. VoIP B. IP telephony C. TCP/IP convergence D. Voice Packet consolidation (VPC)

B. IP telephony

Which of the following is not a characteristic of cloud computing? A. limited client support B. on-demand self-service C. immediate elasticity D. metered services

A. limited client support

1400 Flashcards

(100 cards)