Architecture and Design Flashcards
1
Q
What are the three issues that symmetric data encryption fails to address?
A
- Digital integrity
- Repudiation
- Scalable Key Distribution
2
Q
Which encryption method is more scalable?
A
Asymmetric encryption
3
Q
What is the key length used by a one-time pad?
A
- The key length is the same length as the message that is to be encrypted
- The message length determines the key length
4
Q
Which term refers to the assurance that data has not been altered in transmission?
A
Data integrity
5
Q
What is the size, in bits, of a Message Digest version 5 (MD5) hash?
A
128 bits
6
Q
What is meant by the term VM escape?
A
An exploit in which the attacker runs code on a VM that allows an OS running within it to break out and interact directly with the hypervisor
7
Q
What key is used to decrypt a digital signature: public or private
A
Public
8
Q
What does the acronym MFD denote?
A
Multi-functional device
9
Q
Which private-key encryption algorithm does Pretty Good Privacy (PGP) use to encrypt data?
A
International Data Encryption Algorithm (IDEA)
10
Q
Why should you periodically test an alternate site?
A
To ensure continued compatibility and recovery
11
Q
What bit length is the hash value provided by the Secure Hash Algorithm (SHA)
A
160 bits
12
Q
What is the name of the array where hashed items are kept?
A
Hash table
13
Q
What is the process by which a system determines that a specific user is authorized to perform certain functions?
A
Authorization
14
Q
What is the purpose of a file’s MD5 hash value?
A
To verify file integrity
15
Q
Which servers are susceptible to the same type of attacks as their host, including DoS attacks, detection attacks, and escape attacks?
A
Virtual servers
16
Q
What is the purpose of a Message Authentication Code (MAC)
A
Message Authentication Code (MAC) helps protect against fraud in electronic fund transfers
17
Q
What does the acronym IoT denote
A
Internet of Things
18
Q
What is meant by the term transitive trust?
A
A two-way relationship created between parent and child domains
19
Q
What is the purpose of DLP?
A
Data Loss Prevention (DLP) is a network system that monitors data on computers to ensure the data is not deleted or removed
20
Q
What does the acronym UAV denote?
A
Unmanned Aerial Vehicle
21
Q
Which fire suppression method, formally used to suppress fires involving electrical equipment or liquids, has been discontinued?
A
Halon gas
22
Q
What is a pass-the-hash attack?
A
When an attacker obtains a hashed user credential and uses it to authenticate to a system without cracking it
23
Q
Is the Data Encryption Standard (DES) algorithm asymmetric or symmetric?
A
Symmetric
24
Q
Which alternate computing facility takes the least amount of time to become operational?
A
Hot site
25
Which fingerprint scan will analyze fingerprint ridge direction?
Minutiae matching
26
What is the primary purpose of Tripwire?
To monitor the baseline configuration of a system and the changes made to it
27
Which type of attack on a cryptographic algorithm uses brute force methods to encrypt text strings until the output matches the ciphertext?
A mathematical attack?
28
What is the safest method for creating and managing key pairs: centralized or de-centralized key management?
Centralized key management
29
What is another name for RAID5
Disk striping with parity
30
What are the two most important security needs that are met using Secure Multipurpose Internet Mail Extensions (S/MIME)?
* Authentication
| * Confidentiality
31
What are the two other names for single-key cryptography?
* Symmetric key encryption
| * Secret-key encryption
32
What is the most important biometric system characteristic?
Accuracy
33
What does the acronym FRR denote?
False rejection rate
34
Should virtual servers have the same information security requirements as physical servers?
Yes
35
What was the first public-key algorithm ever user?
Diffie-Hellman
36
When does fuzzing occur?
When unexpected values are provided as input to an application in an effort to make the application crash
37
Which cryptography technique is based on a combination of two keys:
* A secret private key
* A public key
Public-key cryptography
38
What public-key algorithm was the first to allow two users to exchange a secret key over an insecure medium without any prior keys?
Diffie-Hellman
39
What is the primary concern of RAID?
Availability
40
What does the acronym RAID denote?
Redundant Array of Inexpensive Disks
41
Is the Message Digest 5 (MD5) algorithm used with symmetric or asymmetric key algorithms?
Asymmetric
42
What is the purpose of fuzz testing?
To identify bugs and security flaws within an application
43
What is the purpose of a bollard?
A bollard is a physical security control that prevents cars from accessing certain areas. They are most often deployed in front of retail storefronts
44
What is another name for RAID 1?
Disk mirroring
45
What is a hot site?
An alternate computing facility with telecommunications equipment and computers
46
Is the RSA algorithm symmetric or asymmetric?
Asymmetric
47
What is Microsoft Baseline Security Analyzer?
A Microsoft app that creates security reports
48
What is a cold site?
An alternate computing facility with no telecommunications equipment or computers
49
Which backup method backs up every file on the server each time it runs?
Full backup
50
What are the two types of ciphers?
* Block ciphers
| * Streaming ciphers
51
What does the acronym CER denote?
Crossover error rate
52
What is the purpose of application hardening?
Ensures that an application is secure and unnecessary services are disabled
53
Which type of disaster recovery site provides very little fault tolerance for the primary data center and relies on backups to bring the data center back online?
Cold site
54
Why is the location of an alternate site important?
You do not want it to be affected by the same disaster as your primary facility?
55
What is the basis by which a device is measured for integrity
The secure baseline
56
Which type of cryptography relies more on physics, rather than mathematics, as a key aspect of its security model?
Quantum cryptography
57
What does thy acronym HVAC denote?
Heating, Ventilation, and Air Conditioning
58
What is a honeynet?
When two or more honeypots are implemented on a network
59
Which security concept ensures that data is protected from being accessed by unauthorized persons?
Confidentiality
60
What block cipher and key size (in bits) are used by the Clipper Chip?
The skipjack block cipher and an 80-bit key length
61
On what does the Pretty Good Privacy (PGP) mail standard rely?
A web of trust
62
According to the CompTIA Security+ blueprint, what are the four authentication attributes?
* Somewhere you are
* Something you can do
* Something you exhibit
* Someone you know
63
What does the acronym VM denote?
Virtual Machine
64
What does the acronym EMP denote?
Electro-magnetic pulse
65
What bit length is the hash value provided by the Message Digest 2 (MD2), MD4, and MD5 algorithms?
128-bits
66
What is meant by the term VM sprawl?
When the number of virtual machines (VMs) on a network reaches a point where the administrator can no longer manage them effectively
67
What is the main difference between virtualization and cloud computing?
The location and ownership of the physical components
68
What does the acronym SoC denote?
System on a Chip
69
What is another name for RAID 0?
Disk striping
70
What is the purpose of Infrastructure as a Service (IaaS) in cloud computing
It provides computer and server infrastructure, typically through a virtualized environment
71
What are the two types of eye scan?
* Iris scans
| * Retail scans
72
What does the acronym FAR denote?
False acceptance rate
73
What is the purpose of Platform as a Service (PaaS) in cloud computing?
It provides not only virtualized deployment platforms but also value-added solution stack and application development platforms
74
What is the term for the process that applies a one-way mathematical function called a message digest function to an arbitrary amount of data?
Hashing
75
What is a baseline?
The minimum level of security and performance of a system in an organization
76
What is the term for a server that has been configured specifically to distract an attacker from production systems?
Honeypot
77
Which standard is a specification for secure email, designed to prevent the decryption of email messages?
Secure Multipurpose Internet Mail Extension (S/MIME)
78
Which type of cryptography is more secure: symmetric or asymmetric?
Asymmetric
79
What is a honeypot?
A decoy system in the network installed to lure potential intruders away from legitimate systems
80
What is the purpose of SCADA?
To collect data from factories, plants, or other remote locations, and send the data to a central computer that manages and controls the data
81
What is the purpose of an airgap?
To ensure that a secure computer network is physically isolated from unsecure networks
82
What backup method serves as the baseline for a backup set?
Full backup
83
Which two fire suppression agents are used to suppress fires involving paper and wooden furniture?
* Water
| * Soda acid
84
What does the acronym ICS denote?
Industrial Control System
85
What is the purpose of hot and cold isles?
To control airflow in the data center
86
What is most commonly used to provide proof of a message's origin?
Digital signature
87
What is the purpose of embedding a timestamp within ciphertext?
Decrease the chances of a message being replayed
88
What does the acronym VDE denote?
Virtual Desktop Environment
89
What is the purpose of a mantrap?
Prevent people from piggybacking on the credentials of legitimate personnel to gain entry into a building
90
What does the acronym VDI denote?
Virtual Desktop Infrastructure
91
What are the four types of water sprinklers?
* Wet pipe
* Dry pipe
* Preaction
* Deluge
92
Which alternate computing facility is the least expensive to maintain before a disaster occurs?
Cold site
93
Does Pretty Good Privacy (PGP) provide confidentiality?
Yes
94
What does the acronym PGP denote?
Pretty Good Privacy
95
Is the RC2 algorithm symmetric or asymmetric?
Symmetric
96
Which encryption method is faster?
Symmetric encryption
97
What is the opposite of confidentiality?
Disclosure
98
According to the CompTIA Security+ bluepring, which category of embedded devices include wearable technology and home automation?
Smart Devices and IoT
99
What is the purpose of input validation?
Ensure that data being entered into a database follows certain parameters
100
What does the acronym DLP denote?
Data Loss Prevention
101
What is the name of an encryption key that can be easily reversed-engineered from the encryption data by brute force methods?
Weak key
102
What are four common service models of cloud computing?
* Infrastructure as a Service (IaaS)
* Monitoring as a Service (MaaS)
* Platform as a Service (PaaS)
* Software as a Service (SaaS)
103
Which eye scan measures the pattern of blood vessels in the back of the eye
Retinal scan
104
How is a digital signature created from a message digest?
It is encrypted using the sender's private key
105
Which algorithms are asymmetric key algorithms?
* Rivest, Shamir, and Adleman (RSA)
* Elliptic Curve Cryptosystem (ECC)
* Diffie-Hellman
* El Gamal
* Digital Signature Algorithm (DSA)
* Knapsack
106
What is another name for public-key encryption
Asymmetric encryption
107
Is International Data Encryption Algorithm (IDEA) symmetric or asymmetric?
Symmetric
108
Which encryption algorithm uses an 80-bit key to encrypt 64-bit blocks of data?
Skipjack
109
Is the Skipjack algorithm symmetric or asymmetric
Symmetric
110
According to the CompTIA Security+ blueprint, what are the three authentication factors?
* Something you know
* Something you have
* Something you are
111
If Alice wants to encrypt a message using asymmetric encryption that only Bob can read, which key must she use?
Bob's public key
112
What is the key size, in bits, of the Data Encryption Standard (DES)?
56-bits
113
What is meant by the term integrity measurement in a secure staging development?
Monitoring a device to ensure that it has not deviated from the secure baseline?
114
Is Advanced Encryption Standard (AES) symmetric or asymmetric?
Symmetric
115
Which hashing algorithm produces a message digest of 160 bits in length?
Secure Hash Algorithm (SHA-1)
116
Which application hardening method requires that your organization periodically checks with the application vendor?
Patch management
117
Is the Tripple-DES (3DES) algorithm symmetric or asymmetric?
Symmetric
118
In asymmetric encryption for a digital signature, which key is used for encryption: public or private?
Private
119
What is steganography?
A cryptography method in which data is hidden in another media type
120
What ensures that a user is who he claims to be?
Identification
121
What is the length of an IDEA key?
128-bit
122
What does the acronym RTOS denote?
Real-Time Operating System
123
What is the purpose of a Faraday cage?
Prevent electromagnetic signals from penetrating the area inside the cage
124
Which key should be encrypted and protected with a password when stored: a public key or a private key?
Private key
125
Which type of eye scan is considered more intrusive than other eye scans?
Retinal scan
126
Which type of cipher encrypts data in fixed-size blocks?
Block
127
According to the CompTIA Security+ blueprint, what is included as specialized systems?
* Medical devices
* Vehicles
* Aircrafts
* Smart meters
128
Which term refers to voice communication over a network
Telephony or Voice over IP (VoIP)
129
What is the purpose of Software as Service (SaaS) in cloud computing?
It ensures on-demand, online access to an application suite without the need for local installation
130
What is a warm site?
An alternate computing facility with telecommunication equipment but no computers
131
What backup method backs up every file modified on the server since the last full backup, and reset the archive bit?
Incremental backup
132
What are the four types of cloud computing based on management type?
* Public
* Private
* Hybrid
* Community
133
What is meant by the term federation when referring to authentication systems?
A system that lets subscribers use the same identification data to obtain access to the networks of all enterprises in the group
134
What algorithms are symmetric key algorithms
* Data Encryption Standard (DES)
* Triple DES (3DES)
* Blowfish
* IDEA
* RC4
* RC5
* RC6
* Advanced Encryption Standard (AES)
135
Which type of fire suppression system is the safest for both computer equipment and personnel: FM-200 or Carbon Dioxide?
FM-200
136
What does the acronym SCADA denote?
Supervisory Control And Data Acquisition
137
What is the best method to preserve evidence on a computer: bit stream backup or standard backup
Bit stream backup
138
What is the purpose of secure code review?
It examines all written code for any security holes that may exist
139
What is the purpose of a fail-safe error handler?
To ensure that the application stops working, reports the error, and closes down
140
What is the name for a hash algorithm that translates plaintext into an intermediate form
A cipher
