Security+ 501 Test 1 Flashcards

(156 cards)

1
Q
  1. What do you use to encrypt a message to send to someone? 2. What do they use to decrypt it?
A
  1. Public Key

2. Private Key

2
Q

Which of the following secure e-mail protocols is carried over an SSL or TLS connection and uses TCP port 993?

A

IMAPS

3
Q

What is a server-side e-mail protocol that is not used over SSL or TLS?

A

SMTP (Simple Mail Transfer Protocol)

4
Q

What is a non-secure client-side e-mail protocol that uses TCP port 110?

A

POP3 (Post Office Protocol 3)

5
Q

What is a non-secure client-side e-mail protocol that uses TCP port 143?

A

IMAP4 (Internet Mail Access Protocol version 4)

6
Q

What form of Load Balancing assigns to each server in order, then returns to the first server?

A

Round Robin

7
Q

What form of Load Balancing keeps a client’s sessions connected to the server that’s keeping the session?

A

Affinity Scheduling

8
Q

What is a point-in-time backup of certain key configuration settings of a virtual machine, allowing the VM to be restored back to that point in time if it suffers a crash or other issue?

A

Snapshot

9
Q

What is a Microsoft Windows type of backup that backs up critical files used by the operating system to restore it in the event of a system crash or other issue?

A

System State Backup

10
Q

What protocols would you use to encrypt VPN traffic?

A

IPsec

11
Q

What port does DNS use?

A

TCP and UDP port 53

12
Q

What port does SSH use?

A

22

13
Q

What port does SMTP use?

A

25

14
Q

What port does HTTP use?

A

80

15
Q

What technique separates applications from one another and does not allow them to share execution, user, or data space?

A

Sandboxing

16
Q

What technique enables an administrator to determine which applications and other software the user is allowed to install and execute?

A

Whitelisting

17
Q

What technique is used to separate different sensitivities of data, such as corporate and personal data on a mobile device?

A

Containerization

18
Q

What is a method that enables administrators to restrict users from installing and executing certain applications?

A

Blacklisting

19
Q

Which of the following is a key agreement protocol used in public-key cryptography?

A

Elliptic Curve Diffie-Hellman (ECDH)

20
Q

What is the most common public-private key generation algorithm used in public-key cryptography? It is used to generate a public and private key pair.

A

RSA (Rivest-Shamir-Adleman)

21
Q

What is used to generate message digests for plaintext? It is not used in public-key cryptography to exchange keys or establish secure sessions.

A

SHA-2

22
Q

Which of the following concepts should be the most important consideration when determining how to budget properly for security controls?

A

Risk and Impact

23
Q

What form of authentication passes credentials in clear text and is not recommended for use?

A

PAP

24
Q

What form of authentication uses password hashes and challenge methods to authenticate to the system? Passwords are not passed in clear text with this protocol.

A

CHAP (Challenge Handshake Authentication Protocol)

25
What form of authentication is a modern authentication framework that can use various authentication methods for both wired and wireless networks? It also does not pass username and password information in clear text.
EAP (Extensible Authentication Protocol)
26
(Blank) typically involves checking traffic on a network device based upon specific characteristics.
Filtering
27
What is an older form of attack where a malicious/compromised Web site places invisible controls on a page, giving users the impression they are clicking some safe item that actually is an active control for something malicious?
Clickjacking
28
(Blank) adds malicious information to HTTP headers?
Header Manipulation
29
What type of attack means to add malicious information or code, often by using a Trojan horse?
Man-in-the-Browser
30
(Blank) attempt to achieve privilege escalation by forcing a buffer to cause an error.
Buffer Overflows
31
What is typically created for a single Web browsing session and is generally not carried across different sessions?
Session Cookies
32
(Blank) cookies are saved and used between various Web sessions?
Persistent
33
Which of the following enables a user to provide one set of credentials to the system and use those credentials throughout other interconnected systems?
Single Sign-On
34
What method of authentication uses several different factors to authenticate to a system, such as something you know, something you are, and something you have?
Multi-Factor
35
What method of authentication uses only one factor, such as something you know, to authenticate to a system? It can also be used in a single sign-on environment but is not required.
Single Factor
36
What method of authentication can appear to be similar to single sign-on, but requires all individual systems simply to accept credentials passed from another system without a unified approach?
Pass-through
37
Which of the following authentication protocols uses a series of tickets to authenticate users to resources, as well as timestamps to prevent replay attacks?
Kerberos
38
What is the error caused by rejecting an authorized user? It is also called a Type I error.
False Rejection Rate
39
What is the error caused when an unauthorized user is validated as authorized, also referred to as a Type II error?
False Acceptance Rate
40
Which two secure protocols protect traffic during transmission and use TCP port 443?
SSL and TLS
41
Both SCP and SSH use which TCP port?
22
42
UDP uses UDP port (blank) and is totally unsecure.
69
43
If a person knows a control exists, and this control keeps him or her from performing a malicious act, what type of control would this be classified as?
deterrent
44
What control assists and mitigates the risk when an existing control is unable to do so?
Compensating
45
What protocol uses a management information base (MIB) to provide detailed device-specific information to a central management console?
SNMP (Simple Network Management Protocol)
46
What protocol is responsible for sending e-mail?
SMTP (Simple Mail Transport Protocol)
47
(Blank) is a log server found in UNIX and Linux systems?
Syslog
48
What is the process of marking a photo or other type of media with geographical location information using the GPS of a mobile device?
Geotagging
49
(Blank) is the use of a device's GPS features to determine device location, locate points of interest, and gather other useful information?
Geotagging
50
(Blank) is the use of geolocation features to ensure that a mobile device does not leave specific areas of corporate property.
Geofencing
51
Which type of network intrusion detection system (NIDS) develops a baseline of normal traffic so it can detect deviations in this traffic that might indicate an attack?
Anomaly-Based System
52
Which type of network intrusion detection system (NIDS) uses predefined rule sets?
Rule-Based System
53
Which type of network intrusion detection system (NIDS) uses routers and firewalls and bases detection on access control lists that specify traffic that is permitted and denied?
Filter-based systems
54
Which type of network intrusion detection system (NIDS) uses predefined traffic signatures that are typically downloaded from a vendor?
Signature-based systems
55
Which of the following is the simplest form of disaster recovery exercise?
The documentation review
56
What form of disaster recovery exercise goes through the motions of fulfilling the responsibilities and conducting the activities required during an incident or disaster?
Walkthrough test
57
In what form of disaster recovery exercise are all personnel usually involved, possibly conducting activities as they would during a real incident? This type of test is more complex and normally requires extensive resources, such as people and equipment, so it is typically conducted infrequently.
Full Scale
58
Which of the following details the specific access levels that individuals or entities may have when interacting with objects?
ACL (Access Control List)
59
For which of the following should employees receive training to establish how they are to treat information of different sensitivity levels?
Information Classification
60
Which policy instructs employees not to leave sensitive data unattended? This policy, as well as data disposal policies, can be included in the information and data handling policies, but these are very specific instances and don't cover all information or all scenarios where an employee would be in a position to treat data with care.
Clean Desk Policy
61
During which type of assessment would penetration testers not have any knowledge about the network and network defenders have no knowledge of the test itself?
Double-Blind Test
62
During which type of assessment do only the testers have no knowledge of details about the network configuration? This type of test is also referred to as a blind test.
Black Box
63
During which type of assessment may the penetration tester have some limited knowledge of the network or systems, gained from the organization that wants the test?
Gray Box
64
Which of the following DES/AES encryption modes is considered the weakest?
ECB (Electronic Code Book)
65
What type of filter can scan content as it leaves the network, checking for certain types of content that have been pre-specified within the software?
Content Filter
66
What filters are used to catch and quarantine spam messages?
Antispam filters
67
(Blank) are used to cache, or store, messages for speedy retrieval in the future?
Caching Proxy Servers
68
(Blank) help control and block (when necessary) network traffic at the ingress and egress points?
Firewalls
69
Which access control models enable a person who creates or owns objects to define permissions to access those objects?
Discretionary access control
70
Which access control model uses labels and security clearances to grant access to objects?
Mandatory Access Control
71
What type of organizations are the main users of an interconnection service agreement (ISA)?
Telecommunication Companies
72
You have received reports that a number of hosts in your company's internal network are sluggish and unresponsive. After troubleshooting other items, you decide to use a sniffer to examine the network traffic coming into the host. You see that massive amounts of ICMP broadcasts are being sent on the network. The switch is having trouble processing all of this traffic, due to repeated ICMP replies, causing it to slow down. What type of attack most likely caused this?
Flood attack
73
What type of attack attempts to break into an existing communications session, and is not a denial-of-service attack?
Man-in-the-middle
74
What type of attack is a form of social engineering attack using e-mail?
phishing
75
Which of the following two ways typically separate network hosts for security purposes?
physically and logically
76
During which stage of a secure development model would you normally find steps such as requirements gathering, analysis, and diagram development?
Security Requirements
77
During which stage of a secure development model would you normally find steps such as secure code review, fuzzing, and vulnerability assessments?
Security Testing
78
During which stage of a secure development model is different security functionality designed into the application?
Security design
79
During which stage of a secure development model are security requirements validated as implemented in the application?
Security Implementation
80
When information is converted to an unreadable state using cryptography, in what form is the information?
Ciphertext
81
A (blank) or message digest is a cryptographic representation of variable length text, but it is not the text itself.
Hash
82
(Blank) is unencrypted text.
Plaintext
83
What are valid methods to secure static hosts in an organization?
Application Level Firewalls, Network Segmentation, Layered Security
84
The (Blank) is the maximum allowable amount of data (measured in terms of time) that the organization can afford to lose during a disaster or an incident.
RPO (Recovery Point Objective)
85
Which of the following is a trusted OS? 1. Ubuntu Linux 2. SELinux 3. Windows 10 4. Windows Server
2. SELinux
86
Which of the following is the biggest risk involved in cloud computing? 1. Lack of Control 2. Lack of Availability 3. Lack of Responsibility 4. Lack of Accountability
1. Lack of Control
87
Which of the following is normally required to convert and read coded messages?
Codebook
88
What can cause a successful attack on a system when a user enters malicious code or characters into a form field on a Web application?
Input Validation
89
What formal management effort is designed to remediate security flaws discovered in applications and operating systems?
Patch Management
90
What is the process of provisioning and maintaining user accounts on the system?
Account Management
91
What is a formalized process that involves both long-term and short-term infrastructure changes, as well as configuration changes to hosts and networks?
Change Management
92
What type of file, often sent with an e-mail message, can contain malicious code that can be downloaded and executed on a client's computer?
HTML
93
What is a simple script that is set to execute at a certain time that is usually created by rogue administrators or disgruntled employees?
Logic Bombs
94
What is a piece of malicious software that must be propagated through a definite user action?
Virus
95
What is a piece of software that seems to be of value to the user, but in reality is malware?
A Trojan Horse
96
What causes usually annoying advertisements that come in the form of pop-up messages in a user's browser?
Adware
97
What is an application designed to create and initiate files on a host to provide a fully functional virtual machine?
Hypervisor
98
What is software or a hardware appliance responsible for balancing user requests and network traffic among several different physical or virtualized hosts?
A Load Balancer
99
Which type of cloud service is usually operated by a third-party provider that sells or rents "pieces" of the cloud to different entities, such as small businesses or large corporations, to use as they need?
Public
100
Which type of cloud service is for use only by one organization and is usually hosted by that organization's infrastructure?
Private
101
Which type of cloud service for use by similar organizations or communities, such as universities or hospitals, that need to share common data?
Community
102
An attack in which an attacker attempts to disconnect a victim's wireless host from its access point is called?
Deauthentication
103
What type of attack involves impersonating a wireless client or access point, either through its IP or MAC address?
Spoofing
104
What type of attack involves the reuse of intercepted non-secure credentials to gain access to a system or network?
Replay Attack
105
What type of attack involves attempting to break WEP keys by targeting their weak IVs?
Initialization vector (IV) attacks
106
Which of the following algorithms won the U.S. government-sponsored competition to become the Advanced Encryption Standard (AES)? 1. RC4 2. Blowfish 3. Twofish 4. Rijndael
4. Rijndael
107
What is a variant of a phishing attack, where a phishing e-mail is sent to a high-value target instead of on a mass scale to all employees?
Whaling
108
What type of attack involves targeting a particular type of user, regardless of rank in the organization, and basing the attack on more detailed, in-depth information in order to convince the target that the phishing e-mail is actually valid?
Spear phishing
109
(Blank) is a form of phishing attack that takes place over Voice-over-IP (VoIP) telephone systems?
Vishing
110
What network management protocol uses agents that respond to queries to report their status to a central program manager?
SNMP (Simple Network Management Protocol)
111
What method of strengthening weak keys involves taking a weak initial key and feeding it to an algorithm that produces an enhanced key, which is much stronger?
Key Stretching
112
This involves sending individual characters of the key through an algorithm and using the mathematical XOR function to change the output.
Key streaming
113
What involves generating and exchanging an asymmetric key used for a particular communications session, or exchanging public keys in order to use them for public-key cryptography?
Key Exchange
114
Your organization wants you to create and implement a policy that will detail the proper use of its information systems during work hours. Which of the following is the best choice?
Acceptable Use Policy
115
What is an act performed by the company itself, and is not a user policy?
Due Care
116
What type of agreements are made between a company and a third party, such as a contractor or a supplier?
Service Level Agreement
117
Which of the following is a form of intentional interference with a wireless network?
Jamming
118
What type of attack is a rogue wireless access point set up to be nearly identical to a legitimate access point?
Evil Twin
119
What type of attack is a weak security measure designed to hide the broadcasting of a wireless network's service set identifier?
SSID Cloaking
120
What type of attack is an attempt to impersonate another host by using its MAC address?
MAC Spoofing
121
Which of the following secure file copy protocols is used over an SSL or TLS connection?
FTPS
122
(Blank) is a secure file transfer protocol used to copy files to and from an Internet-based host, and it also uses SSH.
SFTP
123
(Blank) is a secure copy protocol used to copy files securely to and from a networked host, and it uses SSH.
SCP
124
(Blank) is a non-secure protocol used to copy files to and from Internet-based hosts?
FTP
125
In order, the steps of the incident response life cycle are preparation; detection and analysis; containment, eradication, and recovery; and post-incident activity
1. preparation 2. detection and analysis 3. containment, eradication, and recovery 4. post-incident activity
126
What technology allows devices to communicate with each other at very close range through radio signals by using a special chip implanted in the device, and may be vulnerable to eavesdropping and man-in-the-middle attacks?
NFC
127
How many rounds does DES perform when it encrypts plaintext?
16
128
What authentication protocol does RADIUS use?
UDP port 1812
129
Which of the following security controls allows connectivity to a network based on the system's hardware address?
MAC Filtering
130
What policy setting prevents a user from rapidly changing passwords and cycling through his or her password history to reuse a password?
Minimum Password age
131
Which of the following encryption protocols uses RC4 with small initialization vector sizes?
WEP
132
Which of the following types of public-key cryptography uses a web of trust model?
PGP (Pretty Good Privacy)
133
(Blank) is a key negotiation and agreement protocol that is used to exchange keys and establish a secure communications session.
DHE (Diffie-Hellman Exchange)
134
What size WEP key did the original IEEE 802.11b specification use?
64-bit
135
What network-connected systems can manage heating, ventilation, and air-conditioning controls?
SCADA (Supervisory control and data acquisition)
136
What systems are antiquated computers that performed advanced tasks in the place of mainframe systems and are no longer widely in use?
Minicomputers
137
Which term indicates the length of time a device is expected to last in operation, and only a single, definitive failure will occur and will require that the device be replaced rather than repaired?
MTTF (Mean Time to Failure)
138
Which term represents the manufacturer's best guess (based on historical data) regarding how much time will pass between major failures of that component? This assumes that more than one failure will occur, which means that the component will be repaired, rather than replaced.
MTBF (Mean Time Between Failure)
139
Which term is the amount of time it takes for a hardware component to recover from failure?
(MTTR) Mean time to recovery
140
Which of the following ports would be most likely to allow secure remote access into a system within a data center?
L2TP -> TCP Port 1701
141
Risk assessment means evaluating which of the following elements?
Probability and Impact
142
What fire suppression chemical was banned in 1987 and can no longer be used in data centers?
Halon
143
Which of the following is a protocol used to obtain the status of digital certificates in public keys?
OCSP (Online Certificate Status Protocol)
144
(Blank) is a public key cryptography protocol used on small mobile devices, due to its low power and computing requirements?
ECC (Elliptical Curve Cryptography)
145
(Blank) is a key negotiation and agreement protocol used in public-key cryptography.
DHE (Diffie-Hellman Exchange)
146
Which two utilities are specifically used to diagnose DNS issues?
Dig and NSLookup
147
Wissa is updating a printer driver on a Windows system. She downloads the latest driver from the manufacturer's Web site. When installing the driver, Windows warns that the driver is unsigned. To which of the following threats is Wissa exposing her system?
Refactoring
148
Which type of assessment is used to determine weaknesses within a system?
Vulnerability assessment
149
Which type of assessment looks at events that could exploit vulnerabilities?
Threat Assessment
150
Which type of assessment is a combination of assessments and is designed to assess factors, including likelihood and impact, that affect an asset?
Risk Assessment
151
Which type of assessment actually attempts to exploit any found weaknesses to gain access to systems?
Penetration Test
152
Which of the following types of factors could be used to describe a fingerprint-based method of logging in and authenticating to a touchscreen device?
Something you are
153
What size is the initialization vector (IV) for the Temporal Key Integrity Protocol (TKIP), used in the WPA standard?
48 bit
154
Which of the following methods of log management involves visiting each individual host to review its log files?
Decentralized
155
What port does LDAP (The Lightweight Directory Application Protocol) use?
TCP 389
156
What is the biggest difference between EAP-TLS and EAP-TTLS?
EAP-TLS needs server and client certificates; EAP-TTLS only needs server certificates.