FORMATIVE 4 Flashcards
(20 cards)
Why is WEP considered insecure for modern wireless networks?
highly vulnerable to hacking
its age
its lack of encryption
its use of clear text passwords
its lack of support
highly vulnerable to hacking
To identify potential vulnerabilities, what baseline should the user compare the current operating system state against?
a baseline
a whitelist
a pentest
a vulnerability scan
a blacklist
a baseline
What service translates a website’s domain name into its corresponding IP address?
DNS
DHCP
ICMP
NTP
DNS
What three power-related should a technician be aware of?
brownout
blackout
spike
flicker
fuzzing
spark
brownout
blackout
spike
How do Host-based Intrusion Dection Systems (HIDS) differ from firewalls?
HIDS oversees host computer operating systems and file activity, whereas firewalls regulate traffic between systems.
Firewalls control traffic flow based on predefines rules, while HIDS focuses on monitoring network activity.
HIDS functions similarly to Intrusion Prevent Systems (IPS), whereas firewalls primarily monitor traffic.
Firewalls filter packets, limiting their effectivess, whereas HIds provides comprehensive intrusion prevention.
HIDS proactively blocks intrusions, firewalls filter incoming traffic.
HIDS oversees host computer opeating systes and file activity, whereas firewalls regulat traffic between systems.
A user reports frequent, unexpected changes to the wireless network password. What could be causing this issue?
roguue access point
user error
weak password
password policy
user laptop
rogue access point
What secure technology can provide an encrypted communication channel for telecommuting employees to access company resources remotely?
VPN
T1
modem
fiber
PPP
VPN
How does disk cloning benefit desktop support by reducing workstation downtime? (Choose three.)
Simplifies new computer rollout
Enables comprehensive system backups
Delivers pristine, standardized machine images.
Guarantees hardware and software consistency
Reduces personnel requirements
Fosters technological uniformity
Simplifies new computer rollout.
Delivers pristine, standardized machine images.
Guarantees hardware and software consistency
Whhat protocol is recommended for secure and flexiblwe remote server access?
Secure Shell
Remote Desktop
Telnet
Secure Copy
Secure Shell
What three compelling reasons can be used to justify implementing a patchh management service?
comprehensive reporting capabilities for system visibility
enforced consistency, preventing users from bypassing essential updates
centralized scheduling and management of upudate deployments
potential reduction in storage requirements
elimination of internet exposure for internal systems
user-controlled update selection and customization
comprehensive reporting capabilities for system visibility
enforced consistency, preventing users from bypassing essential updates
centralized scheduling and management of uipdate deployments
Why is Kali Linux widely used for network penetration testing and vulnerability assessments?
It’s a comprehensive, open-source Linux distribution featuring over 300 security tools
It simulates attacks using malicious software to identify vulnerabilities
It captures and logs network trafffic for analysis.
It’s a network scanning tool that prioritizes and identifies potential security threats.
It’s a comprehensive, open-source Linux distribution featuring over 300 security tools
What cloud-based service would be most suitable for hosting commercial softweare to reduce deployment costs?
SaaS
PaaS
RaaS
IaaS
SaaS
What are the three primary services offered by the Computer Emergency Response Team (CERT)?
Design solutions for digital forensic analysis
Develop vulnerability assessment tools and methodologies
Remediate software vulnerabilities
Establish and enforce software compliance standards
Create threat simulation tools
Develop malware analysis and mitigation tools
Develop vulnerability assessment tools and methodologies
Remediate software vulnerabilities
Create threat simulation tools
Under which federal law is student information protected from unauthorized disclosure?
FERPA
HIPPA
CIPA
COPPA
FERPA
What tool would a security professional utilize to conduct a vulnerability assessment and identify security risks within the company’s network?
vulnerability scanner
malware
pentest
packet analzer
vulnerability scanner
Which federal law applies to individuals who intentionally access government computers without authorization?
CFAA
SOX
ECPA
GLBA
CFAA
To mitigate user-based security risks, What three measures could the company implement to contorl unauthorized software downloads, website access, and personal device usage? (Choose three.)
Conduct regular employee security education
Restrict peripheral device usage
Enable web content filtering
Establish consequences for non-compliance
Implement userr activity monitoring
Deploy this client technology
Conduct regular employee security education
Restrict peripheral device usage
Enable web content filtering
What are three exceptions to the Freedom of Information Act (FOIA) that allow for withholding certain information?
Proprietary business data
Sensitive law enforcement files
Classified national security and foreign policy information
Statutorily excluded information
Financial instituition records
Confidential well data
Proprietary business data
Sensitive law enforcement files
Classified national security and foreign policy information
What industry specific regulation governs the protection of credit card data in the event of the breach?
PCI DSS
SOX
ECPA
GLBA
PCI DSS
What key principle should security professional grasp to guide their ethical judgment when handling sensitive information and assets?
laws governing the data
cloud providers
potential gain
partnerships
potential bonus
laws governing the data
