Security+ Set 1
Terms
undefined, object
copy deck
- What is a key difference in security between MAC and DAC?
- In MAC, a user who can access a file cannot necessarily copy it
- What DoD classification does MAC map to?
- Level-B classification
- What DoD classification does DAC map to?
- Level-C classification
- What does CHAP use for authentication?
- hashing
- What is AES?
- Advanced Encryption Standard- algorithm used by US government for sensitive but unclassified information
- What type of encryption is AES?
- symmetric
- What kind of algorithm is 3DES?
- symmetric
- What algorithm does AES use?
- Rijndael
- What two encryption standards is AES designed to replace?
- DES and 3DES
- What is the most effective way of enforcing security in a dialup network?
- require callback
- What port do DNS zone transfers use?
- TCP port 53
- What port do DNS lookups use?
- UDP port 53
- Why do routers help limit the damage done by sniffing and MITM attacks?
- They send data to a specific subnet only
- What are the two types of symmetric algorithms?
- block and stream
- What are the two advantages of block ciphers over stream ciphers?
- they are faster and more secure
- What is the main difference between S/MIME and PGP?
- S/MIME relies upon a CA for public key distribution
- What is the maximum throughput of 802.11a?
- 54 Mbps
- What frequency does 802.11b operate at?
- 2.4 GHz
- What is the maximum throughput of 802.11b?
- 11 Mbps
- What frequency does 802.11g operate at?
- 2.4 GHz
- What is the maximum throughput of 802.11g?
- 54 Mbps
- Is 802.11g backwards-compatible with 802.11a and 802.11b?
- backwards-compatible with 802.11b only at 11 Mbps
- What type of media access control does 802.11 use?
- collision avoidance
- What sort of attack does TACACS+'s lack of integrity checking make it vulnerable to?
- replay attacks
- What two bit strengths is SSL available in?
- 40-bit and 128-bit
- What is the maximum capacity of QIC?
- 20 GB
- What is the maximum capacity of 4mm DAT?
- 40 Gb
- What is the maximum capacity of 8mm tapes?
- 50 Gb
- What is the maximum capacity of Travan?
- 40 Gb
- What is the maximum capacity of DLT?
- 220 Gb
- With biometric scanning, what is rejecting a valid user called?
- Type I error
- With biometric scanning, what is accepting a user who should be rejected called?
- Type II error
- In biometric scanning, what is the crossover rate?
- error percentage when Type I and II errors are equal
- What mathematical fact does a birthday attack rely on?
- it is much easier to find two datasets that share a hash than to find a dataset that shares a hash with a given dataset
- What is CRL?
- Certificate Revokation list- list of subscribers to a PKI and their certificate status
- What is OCSP?
- Online Certificate Status Protocol- a replacement for CRL
- What disadvantage does CRL have the OCSP addresses?
- updates must be downloaded frequently to be accurate
- What disadvantage does CRL have that OCSP addresses?
- updates must be downloaded frequently to be accurate
- Does TLS use the same ports for encrypted and unencrypted data?
- no
- What is the difference between S-HTTP and SSL?
- S-HTTP is designed to send individual messages securely; SSL sets up a secure connection between two computers
- What is the primary limitation of symmetric cryptography?
- key distribution
- What protocol is being pushed as an open standard for IM?
- SIMPLE
- In relation to AAA, what is CIA?
- Confidentiality, Integrity, Availability
- What are the three components of AAA?
- Authentication, Authorization, Access Control
- What is an open relay?
- an SMTP relay that does not restrict access to authenticated users
- What encryption scheme does WEP use?
- RC4
- Who created RC2 and RC4?
- Rivest
- What are the two main types of firewalls?
- application-level and network-level
- How does an application-level firewall handle different protocols?
- with a proxy program for each protocol
- What happens if an application-level protocol doesn't have a proxy program for a given protocol?
- the protocol can't pass through the firewall
- What limitation do application-level firewalls create for proprietary software?
- proprietary software often uses proprietary protocols, which often can't pass the firewall
- Which is faster, application-level or network-level firewalls?
- network-level firewalls
- What are the two types of network-level firewalls?
- packet filters and stateful packet inspection
- What might be indicated by packets from an internal machine with an external source address in the header?
- machine is being used in a DoS/DDoS attack