from the test Flashcards
(147 cards)
__ is an example of asymmetric cryptography.
RSA
Which e-mail security method is defined in RFC 2632 and RFC 2634?
Secure Multipurpose Internet Mail Extensions (S/MIME)
___ provides non-repudiation, authentication, and integrity for e-mail messages.
S/MIME 3
__ __ is a spyware technique that inserts a dynamic link library into a running process's memory.
DLL Injection
__ __ occurs when the length of the input data is longer than the buffer that receives it can hold.
Buffer Overflow
The major security vulnerability of using FTP is __
User ID and password are sent in clear text
This layer of the OSI model segments and reassembles data into a data stream and provides reliable and unreliable end-to-end data transmission.
(Layer 4) Transport
This layer starts, maintains, and stops sessions between applications on different network devices.
(Layer 5) Session Layer
This layer provides the functions to establish and maintain the physical link between network devices.
(Layer 1) Physical
___ provides centralized remote user authentication, authorization, and accounting.
RADIUS
This mode ensures that wireless clients can only communicate with the wireless access point and not with other wireless clients.
Isolation Mode
___ is an intrusion detection system (IDS).
Snort
___ ___ is the practice of dispensing IP addresses and host names with the goal of traffic diversion.
DNS poisoning
___ ___ ___ allows an attacker to reroute data traffic from a network device to a personal computer.
Network Address Hijacking
__ is a technique used by intruders to circumvent a lock.
Raking
___ is a collection of programs that grants a hacker administrative access to a computer or network.
Rootkit
___ risk analysis does not assign monetary values.
Qualitative
__ risk analysis attempts to predict the likelihood that a threat will occur and assigns a monetary value in the event a loss occurs.
Quantitative
__ is the risk management strategy of discouraging certain actions from being taken in order to protect against risk.
Deterrence
__ is the risk management strategy of deciding to no longer carry out the actions associated with a particular risk.
Avoidance
__ is the risk management strategy of taking steps to reduce risk.
Mitigation
___ ___ allows you to configure how many new passwords must be created before an old one can be reused.
gdfg
A __ test tests specific systems to ensure their operation at alternate facilities.
Parallel Test
The chain of custody guarantees ___
the identity and integrity of the evidence from the collection stage to its presentation in a court of law.
The revocation request grace period refers to __
The maximum time taken by the certification authority server to perform a revocation.
You should use a __ to determine if the performance of the server has degraded.
System Monitor
A __ scanner will provide information on the ports and services that are available on your network.
Port
A __ test checks your network for known vulnerabilities and provides methods for protection against the vulnerabilities.
Vulnerability
During which phase of SSL communication do a web client and a web server establish a TCP/IP connection?
Handshake
Secure Hashing Algorithm (SHA) produces __-bit checksums.
160
__ establishes a web of trust between the users.
Pretty Good Privacy (PGP)
PGP is a public key encryption standard that is used to __
protect e-mail and files that are transmitted over the network.
PGP encrypts data using __ encryption
symmetric
Secure Code Review examines ____
all written code for any security holes that may exist
This type of tool tests your network's security to see if it can be penetrated.
Penetration tester
An executive succession plan ensures __
that a vital corporate position is filled in the event it is vacated during a disaster.
RSA is an example of __ cryptography with ___
asymmetric cryptography with authentication
Asymmetric algorithms include
Diffie-Hellman, RSA, ElGamal, CAST
Symmetric algorithms include
Data Encryption Standard, Triple DES (3DES), Advanced Encryption Standard
A __ virus can infect both executable files and boot sectors of hard disk drives.
Multipart
This command-line utility is used to troubleshoot a domain name server.
Nslookup
This utility traces the route a packet takes and records the hops along the way.
Tracert/traceroute
___ is an application layer protocol whose purpose is to collect statistics from TCP/IP devices.
Simple Network Management Protocol (SNMP)
What ports does SNMP use?
Ports 161 and 162
_____ allows a user to dial in to the network via a modem or modem pool while providing the user with secure access during the time he is connected.
Remote access server (RAS)
What infrastructure provides the system for the secure exchange of data over a network through the use of an asymmetric key system?
Public key infrastructure (PKI)
Another term for technical controls is __ controls
Logical
A backup control is an example of an ___ control
Operational Control
Software testing is an example of an ___ control
Operational Control
To implement hardware-based encryption on a Windows Server 2008, you need a __
Trusted Platform Module (TPM) chip.
Symmetric keys do not ensure __ and ___ for key management because the same key is used for encryption and decryption
Security and Scalability
The best protection against cross-site scripting (XSS) is to __
Disable the running of the scripts
A __ contains a list of serial numbers for digital certificates that have not expired, but that a CA has specified to be invalid.
Certificate Revocation List (CRL)
__ is a hashing algorithm that creates a message digest, which can be used to determine whether a file has been changed since the message digest was computed.
Secure Hashing Algorithm 1 (SHA-1)
This network device acts as an internet gateway, firewall and internet caching server for a private network.
Proxy Server
__ is traffic redirection to a site that looks identical to the intended site
Pharming
__ is an asymmetric public key encryption algorithm based on the Diffie-Hellman key agreement.
ElGamal
__ is a Microsoft Windows feature that supports file encryption on NTFS hard disk volumes.
Encrypting File System (EFS)
Sending data across an insecure network, such as the internet, affects __ and __
Confidentiality and integrity
___ is a block cipher encryption standard that uses a single 56-bit key to encrypt 64-bit blocks of data.
Data Encryption Standard
__ IDS watches for intrusions that match a known identity.
Signature IDS
A __ IDS detects activities that are unusual.
Anomaly-based
Make sure to look up PBX attacks
PBX
__ was created to deal with Voice over IP and wireless services.
Diameter
__ is used to digitally sign packets that are transmitted on Internet Protocol Security (IPsec) connections.
Keyed Hashing for Message Authentication Code (HMAC)
__ files contain information about viruses, such as examples of virus code and the file types that a particular virus infects.
Signature File
What is the purpose of Infrastructure as a Service in cloud computing?
It provides computer and server infrastructure, typically through a virtualization environment.
What is the main difference between virtualization and cloud computing?
The location and ownership of the physical components.
Which document lists the steps to take in case of a disaster to your main IT site?
Disaster Recovery Plan (DRP)
Which private-key encryption algorithm does PGP use to encrypt data?
International Data Encryption Algorithm (IDEA)
Which document is used when it is necessary to invoke legal action against an employee for inappropriate use of computer resources?
Acceptable use policy
Which error arises because data is not checked before input to ensure that it has an appropriate length?
Buffer overflow errors
Which business continuity planning factor includes vulnerability analysis?
Business Impact Assessment
What is the name of the process for removing only the incriminating data from the audit logs?
Scrubbing
Which port does NNTP use?
119
Which audit category monitors changes to user accounts and groups?
The Audit Account Management category
__-based monitoring looks for behavior that is not allowed and acts accordingly.
Behavior
A __ filtering firewall only looks at a data packet to obtain the source and destination addresses and the protocol and port used.
Packet Filtering Firewall
LDAP entries are contained in a __ which is a hierarchical structure that can be searched for directory information.
Directory Information Tree
__ is a private key encryption standard that was developed by the US government for the Clipper Chip.
Skipjack
Skipjack uses an __-bit key.
80
A ___ firewall is also referred to as an appliance firewall.
Hardware
__ provides a transparent firewall solution between an internal network and outside networks.
NAT
Separation of duties is employed when user accounts are __
created by one employee and user permissions are configured by another employee.
The primary loop protection on an Ethernet network is __
Spanning Tree Protocol (STP)
What is a disadvantage of a hardware firewall compared to a software firewall?
A hardware firewall has a fixed number of available interfaces.
What is an embedded firewall?
A firewall that is integrated into a router.
A software firewall is installed on a ___
server operating system.
A __ is an encryption method designed to be used only once.
One-time pad (OTP)
___ is an 802.11b communications mode that enables wireless devices to communicate directly.
Ad hoc
Classification of information is typically part of an __
information policy
Secure Hashing Algorithm (SHA) produces __ bit checksums.
160-bit
Which size checksum does MD5 produce?
128-bit