Glossary of Recipies

Start Studying! Add Cards ↓

Created by cindelicato

Deck Info



Recent Users

Other Decks By This User

Which of the following can help you authoritatively trace a network flooding attack?
Your ISP
Which of the following is a common problem, yet commonly overlooked, in regards to physical security in server rooms?
False Ceilings

You have implemented a version of Kerberos protocol for your network. What service does Kerberos primarily offer?
Which algorithm can use a 128-bit key, and has been adopted as a standard by various governments & corporations?
Advance Encryption Standard (AES)
You have been assigned to provide security measures for your office's reception area. Costs must be kept to a minimum; which tools is the most appropriate?
What is the primary drawback of using symmetric-key encryption?
Key transport across a network.
At what layer of the OSI/RM does a packet filter operate?
Layer 3
Which of the following is considered to be the most secure dfault firewall policy, yet usually causes the most work from an administrative perspective?
Blocking all access by default, then allowing only necessary connections.
Which of the following describes the practice of stateful multi-layer inspection?
Inspecting packets in all layers of the OSI/RM with a packet filter.

What is the primary auditing activity?
Check log files.
You have just deployed an application that uses hash-based checksums to monitor changes in the configuration scripts of a database server that is accessible via Internet. Which is primary concern for this solution?
The security of the checksum database on a read-only media format.
Which is most likely to address a problem with an OS ability to withstand an attack that attempts to exploit a buffer overflow?
Software update.
Which of the following is most likely to pose a security threat to a Web Server?
CGI scripts
You want to create a certificate for use in SSL session. Which is responsible for verifying the identity of an individual and also issuing the cert?
CA - Certificate Authority

Attempting to gain unauthorized access to a server by running a program that enters passwords from a long list of possible passwords.
Brute Force
An application is creating hashes of each file on an attached storage device. Which of the following will typically occur during this process?
Increased time it takes for the system to respond to requests.
Which of the following is a primary weakness of asymmetric-key encryption?
It is slow because it requires extensive calculations.

A CGI application on the company Web server has a bug written into it. This bug allows the application to write data into an area of memory that has not been properly allocated to the application. An attacker has created an application that takes advant
Buffer overflow; work with Web developer to resolve.
You have been asked to encrypt a large file using a secure algorithm so you can send it via e-mail to your supervisor. Speed is important. The key will not be transmitted across a network. Which form of encryption should you use>
Which of the following activities is the most effective at keeping the actions of end users from putting the company's physical and logical resources at risk?
Which tool is best suited for identifying applications on a Web server that can lead to an SQL injection attack?
Vulnerability Scanner
Multiple password attempts
Brute Force Attack
Which of the following is a typical target of a trojan on a Linux system
What is the primary strength of symmetric-key encryption?
Can encrypt large amounts of data quickly.
Which of the following applications can help determine whether a DOS attack is occurring against a network host?
netstat and a packet sniffer
You have discovered that the ls, su & ps commands no longer function as expected.
What are typical firewall functions?
  • logging traffic
  • creating a choke point
A service on a Linux system that allows a user to read and edit resources. What is the function of this service?
Access control
You purchased a network scanner 6 months ago. In spite of regularly conducting scans using this software, attackers have been able to compromise your services. What is a likely explanation?
Scanner needs to be updated.
A new server has been placed on thee network. You have been tasked to protect the server using a packet-based firewall. You've used the following toolset:

(mail ports)

Which choice best describes the next step now that the ruleset has been

From the external network, use your mail client to determine whether all external users can access the e-mail server.
You are using a PKI solution that is based on SSL. Which of the following describes the function of the asymmetric-key-encryption algorithm used?
It encrypts the symmetric key.
What is the first tool needed to create a secure networking environment?
Security policy
A disgruntled employee has discovered the company Web server is not protected against a particular buffer overflow vulnerability. The employee created an app to take advantage of this vulnerability & secretly obtain sensitive data from the Web Server.
Consider the following diagram.

What type of attack?

The best way to thwart a dictionary attack is by enforcing a
Strong password policy.
What is the primary use of hash encryption in networking?
Signing files for data integrity
Which is the best to help ensure a database server can withstand a recently discovered vulnerability?
Installing updates
Consider this packet capture:

Which of the following best describes the protocol used, and its primary benefit?

Passive FTP, which is easier for firewalls to process.
Which of the following details should be included in documentation of an attack?
  • time & date of attack
  • names of employees who were contacted during response
Consider packet capture
lots of SYN from various IPs
A SYN flood and spoofing attack
You are creating an information security policy. Which of the following activities will help you focus on creating policies for the most important resources?
Classifying systems
Which of the following standards is used for digital certificates?
You discover an attack is underway on your stabase server. You want to preserve loigs, caching and other data on the server.
You have been assigned to configure a DMZ that uses multiple firewall components. The router will authoriatively monitor and block traffic. The device will be the last one that inspects traffic before passing to internal network. What is the device?
Choke router
What is the mostly likely first step to enable a server to recover from a denial-of-service attack in which all hard disk data is lost?
Contact the backup service.
What is the primary weakness of symmetric-key encryption?
Keys are difficult to distribute securely.
Requests for web-based resources have become slow? What to do?
Implement caching on the network proxy server.
A DDOS attack has occurred where both ICMP & TCP packets have crashed the Web server. What should be done?
Filtering traffic at the firewall.
The most popular types of proxy-oriented firewalls operate at which layer of the OSI/RM?
Application layer
Which organization provides regular updates regarding security breaches & issues?
Which of the following errors most commonly occurs when responding to a security breach?
Snap judgements based on emotions, as opposed to policy.
At the beginning of an IPsec session, which activity occurs during the Internet Key Exchange (IKE)
Determine authentication method.
You want to create a quick solution that allows you to obtain real-time login information for the administrative account on an LDAP server that you fell may become a target. Which of the following will accomplish this goal?
Create a login script for the administrative account that records logins to a separate server.
Irina has contracted with a company to provide Web design consulting services. The company has asked her to use several large files available via an HTTP server. The IT department has provide Irina with user name and password, as well as the DNS name of
HTTP uses cleartext transmission during authentication, which can lead to a man-in-the-middle attack.
A security breach has occurred involving the company's e-commerce server. Customer credit-card data has been released to unauthorized third parties. Who should be informed?
  • Affected customers
  • credit card companies
  • law enforcement.
Consider the following series of commands from a Linux system:
iptables -A input -p -icmp -s 0/0 -j REJECT
Which explanation best describes the impact of the resulting firewall ruleset?

Individuals on remote networks will not be able to use ping to troubleshoot connections.
You have been asked to encrypt a large file using a secure algorithm so you can send it via e-mail to your supervisor. Speed is important. The key will not be transmitted across a network. Which form of encryption should you use?

> Active Open, SYN flag, ISN, and desired port
< Passive Open, SYN flag, ISN, ACK

The TCP 3-way handshake, with the threat of man-in-the-middle
Troubleshoot video conferencing device between remote workers and central office. Remote users cannot make any connections at all. Which technique will solve the problem while retaining security?
Allow VPN access.
Your organization has made a particularly unpopular policy decision. Your sup’v fears that a series of attacks may occur as a result. You have been assigned to increase automated auditing on a server. When fulfilling this request, which of the followin
Authentication databases, including directory servers
Which of the following is considered to be the most secure default firewall policy, yet usually causes the most work from an administrative perspective?

Blocking all access by default, then allowing only necessary connections.
Consider the diagram involving two firewall-protected networks. Which of the following is necessary for each of the firewalls to allow private IP addresses to be passed on to the Internet?

Security breach: cause determined to be users stored their passwords under their keyboards.

  • Set passwords to expire
  • establish training.
Company webserver has several vulnerabilities, including a buffer overflow that has resulted in an attack. The Web server uses PHO and has direct connections to an Oracle database server. It also uses many CGI scripts. Which is the most effective way to
Install software updates to the Webs server daemon.

Add Cards

You must Login or Register to add cards