sec Flashcards
D. The server stores passwords in the database for three days.
A
E. VPN
CE
D. Hardened host firewall
A
D. MD4.
B
D. NIPS
A
D. Dumpster diving
A
D. The server is running a host-based firewall
D
D. It meets gray box testing standards.
A
D. Error and exception handling
B
D. TPM
D
D. Security
D
D. Recovery agent
C
D. Mandatory access control
A
D. Proxy
A
D. DDoS
D
D. Input validation
A
D. Social engineering
C
D. Password hashing
C
D. SLE
C
D. Placing a firewall between the Internet and database servers
C
D. CPU and memory resources may be consumed by other servers in the same cloud
A
D. Issues and signs all root certificates
D
D. Distributed dictionary attacks
A
D. The request needs to be sent to the change management team.
C
D. Use of public and private keys
D
D. Separation of duties
D
D. Least privilege
D
D. Adware
C
D. Server clustering
B
D. Operational
C
D. Set the switch ports to 802.1q mode.
B
E. 10.4.4.199
CD
E. RSA
BC
D. Software as a Service
A
D. TLS
D
D. Change management
D
D. Incident management
C
D. TFTP utilizes UDP and FTP uses TCP.
D
D. SHA1-HMAC
B
D. Load balancer
B
D. Packet sniffing
D
D. Patch management
A
D. Removable media encryption
B
D. Role based access control
A
D. Authentication
B
D. Individual accountability
D
D. Job function rotation
A
D. All public keys are accessed by an unauthorized user.
C
D. PKI
A
D. Vulnerability scan
B
D. Brute Force scan
C
D. Integrity
B
E. Decompile suspicious files
AD
D. Key escrow
A
D. Recovery key
B
E. Public keys
BD
D. Session hijacking
D
E. is mostly used in hashing algorithms.
CD
D. Cross-site scripting prevention
B
D. Some exploits when tested can crash or corrupt a system causing downtime or data loss.
D
D. LDAP
B
D. Differential backups on the weekend and full backups every day.
A
D. CHAP
C
E. 3DES
BC
D. Warm site
C
D. RPO
C
D. Ping of death
C
D. 465
B
D. Packet switching
C
D. Separation of duties
C
D. Key escrow
A
D. ACL
A
D. ICMP
C
D. Strong passwords
D
D. Routine log review
B
D. Fingerprint and retina scan
A
D. Improper error handling
B
D. Management of interfaces
C
D. Security awareness training
D
D. Spam filter
C
D. Bluesnarfing
C
D. Recovery agents
B
D. ICMP
D
D. NIPS
A
D. true positive.
C
D. Router
B
D. 23
B
D. The website is using an expired self-signed certificate.
C
D. Fire suppression
A
D. If user’s input exceeds buffer length, then truncate the input.
C
D. Anomaly-based NIPS
C
E. Authorization
AE
D. WPA
C
D. that a rogue access point has been installed within range of the symbols.
A
E. SSL
BE
D. Packet sniffing
B
D. identification of the user is non-repudiated.
A
E. CRL
BD