Practice A Flashcards
(38 cards)
to calculate qualitative risk, multiply:
Threat x Vulnerability x Impact
a threat ___ is the party responsible for a threat, and the threat ___ is the potential medium of the attack
agent; vector
a SEIM system is only used when there are multiple ___
servers
processors typically support two states: ___ which has highest privileges, or ___ which is associated with users
Supervisor/kernel; problem
___, aka encapsulation is used in object oriented programming to separate subjects and objects
data hiding
the ___ wireless standard supports 2.4 or 5 GHz and increases throughput up to 600 Mbps by supporting multiple Input/output frequencies
802.11n
a client device responds to a TFTP server using a ___ port, in the number range:
registered, or user; 1024 - 49151
temporary communication sessions are often established using ___ ports, in the number range:
ephemeral, or private; 49152 - 65535
of the fire sensing technologies, only ___ sensors require line of sight
flame
the main concern about Bluetooth on a network is ___
weak encryption
Extensible Access Control Markup Language (XACML), Security Provisioning Markup Language (SPML) and Security Assertion Markup Language (SAML) are all open standards created by ___
OASIS (Organization for the Advancement of Structured Information Standards)
the difference between Network Address Translation (NAT) and Port Address Translation (PAT) is:
PAT assigns multiple private IP’s to one public IP by assigning Port numbers, while NAT assigns one-to-one private to public IP’s
communicating with either IPv4 or IPV6 can be done by a ___ device, by using ___ to translate the traffic, or between LAN’s using ___
dual stack;
Network Address Translation-Protocol Translation (NAT-PT);
4to6 or 6to4 tunneling
while Kerberos does a good job preventing eavesdropping attacks, it is vulnerable to ___
theft of cached credentials which are not encrypted
in network data encapsulation, bits are encapsulated into ___, then into ___, then into ___
frames; packets; segments
of the AAA protocols, one weakness of ___ is that it only encrypts passwords, not usernames
RADIUS
HTTPS encrypts packets at OSI layer ___
4 - Transport
any device with more than one network connection is considered multi-___
homed
mitigating electromagnetic leakage is the concern of the ___ program
TEMPEST
the OWASP top 10 vulnerability that increased since 2013 is ___
sensitive data exposure
although security administrators generally have less privileges than system administrators, they often ___ of system admins
audit the activities
the SHA algorithm can produce a hash of at most ___ bits
512
in a brute force attack the attacker knows the ___
ciphertext
the ISO 27000 security standards are based on a ___ standard
British
