Practice C-D Flashcards
(46 cards)
the National Fire Protection Association (NFPA) recommends that computer facilities be able to withstand ___ minutes of exposure to fire
60
the difference between a dry pipe and deluge sprinkler system is that in a deluge system the pipes are ___
always open
a change management process is most likely to interface with a configuration management process during the ___ phase
documentation
___ is a buffer overflow protection that forces an application to fail immediately if a pointer is freed incorrectly
Heap Metadata Protection
rights grant users the ability to perform specific actions (login, print, backup, etc.), while permissions grant ___
levels of access to specific objects (read, write to, execute)
one improvement from WEP to WPA is the addition of ___ to protect against man in the middle attacks
Message Integrity Check (MIC)
a security policy should be no more than ___ pages long
2-3
the ___ was created by the National Institute of Standards and Technology for the testing and certification of forensics equipment
Computer Forensics Tool Testing (CFTT)
smart card attacks fall into 4 categories:
- Fault analysis (usually by denying full power);
- Power differential (directly connecting to pins and analyzing fluctuations);
- Timing attacks (analyzing time for cryptographic functions);
- Emanation attacks
wireless clients on a LAN typically operate in ___ mode, which allows them to communicate with other clients through a Access Point
Infrastructure (or Master)
wireless printers are sometimes configured in ___ mode to allow direct communication without an access point
Ad Hoc (or Peer to Peer)
wireless devices that are designed to communicate only with an Access Point are configured in ___ mode
Client (or Managed)
___ programming languages restrict the ways data can be used to protect against attacks using memory pointers and arrays
type safe
the linux file ___ contains secure user information and is only accessible by root
/etc/shadow
stateful firewalls operate between OSI levels ___ and ___. They only allow traffic into a network if ___
Network; Transport; it is in response to a corresponding request sent out from that network
while most cross site scripting attacks are typically mitigated through input validation and sanitization, cross-site request forgery (XSRF) attacks can be better mitigated through 3 controls:
CAPTHCHA;
two-factor authorization;
adding a nonce to website requests
___ (CSMA/CA or CMSA/CD) sends a jam signal to indicate that two devices are attempting to send simultaneously
CMSA/CD
___ (CSMA/CA or CMSA/CD) requires that the receiving device send acknowledgments
CSMA/CA
___ can be used to encrypt cardholder data from the moment a card is swiped until it reaches the payment processor
P2PE (Point to Point Encryption)
in ___ processes are assigned to time slots to access system resources in order to isolate and protect them
time multiplexing
for memory protection, ___ copies an entire process to a secondary memory location (i.e. disk)
swapping
in a ___ attack an IP packet is sent with the same source and destination address and port
LAN Denial (LAND)
in web authentication using social media accounts for SSO, ___ is typically used for authentication and ___ for authorization
OpenID Connect; OAuth 2.0
Microsoft requires the following 3 buffer overflow prevention measures for software vendors: ___ and recommends but does not require ___
Data Execution Prevention (DEP);
Heap Metadata Protection;
Address Space Layout Randomization (ASLR);
Pointer Encoding
