Mod B

Question 1

this type of log monitors computer system events such as when a computer stops or starts and OS events, such as when a service starts or stops

Answer 1

system logs

Question 2

successful and failed login attempts are most likely to be contained within what type of logs

Answer 2

security

Question 3

Diffie Hellman and ElGamal key exchange uses what mathematical function

Answer 3

discrete logarithms

Question 4

RSA uses what mathematical function

Answer 4

prime number factors

Question 5

Ad hoc mode, also called peer to peer mode, is useful for sharing ___ from one computer to anotherr

Answer 5

files

Question 6

Only ___ sites support DR testing in accordance with a company’s DRP

Answer 6

hot

Question 7

In a ___ attack, an attacker sends UDP pakcets with a spoofed source address to a directed broadcast address. Every device that receives one of thse UDP boradcasts will send a response to the spoofed source address

Answer 7

fraggle

Question 8

___ attacks use malformed IP packets in which the source and destination address and port are the same. When the victim with the destination receives the packet, it can become confused and crash

Answer 8

LAND (local area network denial)

Question 9

In a ___ attack, an attacker uses serveral large overlapping ip fragments. The victim system will attempt to reassemble these packets, sometimes causing the system to crash

Answer 9

teardrop

Question 10

What transport protocol was discovered to be vulnerable to POODLE?

Answer 10

SSL

Question 11

CVSS scoring is influenced by what 3 metric groups?

Answer 11

Base: severity, set by vendor

Temporal: urgency, set by vendor

Environment: how it effects end user of a specific organization, set by end users

Question 12

password ___ restrictions will ensure that a specified number of time has passed before a user is allowed to manually change a newly changed password

Answer 12

age

Question 13

What routing protocol does not support MD5 authentication for secure route updates?

Answer 13

RIPv1

Question 14

___ is an access control principle that ensures information does not flow between groups and users

Answer 14

Compartmentalization

Question 15

A secure development metric that ranks security issues in order to quantify risk

Answer 15

risk density

Question 16

When is the archive bit cleared in a backup scheme?

Answer 16

every time a backup is performed

Question 17

What backup resets the archive bit

Answer 17

full and incremental

Question 18

What does the archive bit determine?

Answer 18

Which file needs to be backed up

Question 19

The process of authenticating to a biometric system

Answer 19

throughput

Question 20

Business practices that a resonable individual would consider appropriate

Answer 20

prudent man rule

Question 21

Unused space in a cluster is

Answer 21

slack space

Question 22

smallest unit of accessible space is a

Answer 22

sector

Question 23

___ evidence is evidence that includes copies or oral descriptions of original documents

Answer 23

secondary

Question 24

___ evidence can support a fact that was established by other evidence but cannot by itself establish that fact

Answer 24

corroborative

Question 25

__ evidence includes descriptions and accounts of facts of an event by eyewitnesses to the event in question

Answer 25

direct

Question 26

___ evidence is evidence that can indirectly establish a fact but cannot be used to directly establish that fact

Answer 26

circumstantial

Question 27

What are the two keys TPMs use and what do they do

Answer 27

endorsement key: created when tpm is manufactured, permanent

storage key: created when a user takes ownership of the TPM

Question 28

Name 4 security modes for systems and what they must have

Answer 28

Dedicated: security clearance, access approval, a valid need to know for all info processed

System high: security clearance, access approval for all info processed

Compartmented: security clearance for all info processed

Multilevel mode: security clearance, access approval, and a valid need to know that permits only info they will access

Question 29

What OASIS standard is most commonly used by SDN

Answer 29

XACML (extensible access control markup language)

Question 30

SPML (security provisioning markup language) is based on what language

Answer 30

DSML (directory services markup language)

Question 31

Transient authentication is authentication by something you ____

Answer 31

have

Question 32

OOP concept that enables data to be processed differently based on the data type when objects are instantiated from other objects.

Answer 32

Polymorphism

Question 33

OOP concept that enables 2 objects that are based on the same class to process data independently

Answer 33

polyinstantiation

Question 34

maximum time a business can survive without a service

Answer 34

RTO

Question 35

how long a system should run before failing

Answer 35

mean time between failure (MTBF)

Question 36

how long it will take to recover a failed system

Answer 36

mean time to repair (MTTR)