This site is 100% ad supported. Please add an exception to adblock for this site.

Security+ Set 1

Terms

undefined, object
copy deck
What is a key difference in security between MAC and DAC?
In MAC, a user who can access a file cannot necessarily copy it
What DoD classification does MAC map to?
Level-B classification
What DoD classification does DAC map to?
Level-C classification
What does CHAP use for authentication?
hashing
What is AES?
Advanced Encryption Standard- algorithm used by US government for sensitive but unclassified information
What type of encryption is AES?
symmetric
What kind of algorithm is 3DES?
symmetric
What algorithm does AES use?
Rijndael
What two encryption standards is AES designed to replace?
DES and 3DES
What is the most effective way of enforcing security in a dialup network?
require callback
What port do DNS zone transfers use?
TCP port 53
What port do DNS lookups use?
UDP port 53
Why do routers help limit the damage done by sniffing and MITM attacks?
They send data to a specific subnet only
What are the two types of symmetric algorithms?
block and stream
What are the two advantages of block ciphers over stream ciphers?
they are faster and more secure
What is the main difference between S/MIME and PGP?
S/MIME relies upon a CA for public key distribution
What is the maximum throughput of 802.11a?
54 Mbps
What frequency does 802.11b operate at?
2.4 GHz
What is the maximum throughput of 802.11b?
11 Mbps
What frequency does 802.11g operate at?
2.4 GHz
What is the maximum throughput of 802.11g?
54 Mbps
Is 802.11g backwards-compatible with 802.11a and 802.11b?
backwards-compatible with 802.11b only at 11 Mbps
What type of media access control does 802.11 use?
collision avoidance
What sort of attack does TACACS+'s lack of integrity checking make it vulnerable to?
replay attacks
What two bit strengths is SSL available in?
40-bit and 128-bit
What is the maximum capacity of QIC?
20 GB
What is the maximum capacity of 4mm DAT?
40 Gb
What is the maximum capacity of 8mm tapes?
50 Gb
What is the maximum capacity of Travan?
40 Gb
What is the maximum capacity of DLT?
220 Gb
With biometric scanning, what is rejecting a valid user called?
Type I error
With biometric scanning, what is accepting a user who should be rejected called?
Type II error
In biometric scanning, what is the crossover rate?
error percentage when Type I and II errors are equal
What mathematical fact does a birthday attack rely on?
it is much easier to find two datasets that share a hash than to find a dataset that shares a hash with a given dataset
What is CRL?
Certificate Revokation list- list of subscribers to a PKI and their certificate status
What is OCSP?
Online Certificate Status Protocol- a replacement for CRL
What disadvantage does CRL have the OCSP addresses?
updates must be downloaded frequently to be accurate
What disadvantage does CRL have that OCSP addresses?
updates must be downloaded frequently to be accurate
Does TLS use the same ports for encrypted and unencrypted data?
no
What is the difference between S-HTTP and SSL?
S-HTTP is designed to send individual messages securely; SSL sets up a secure connection between two computers
What is the primary limitation of symmetric cryptography?
key distribution
What protocol is being pushed as an open standard for IM?
SIMPLE
In relation to AAA, what is CIA?
Confidentiality, Integrity, Availability
What are the three components of AAA?
Authentication, Authorization, Access Control
What is an open relay?
an SMTP relay that does not restrict access to authenticated users
What encryption scheme does WEP use?
RC4
Who created RC2 and RC4?
Rivest
What are the two main types of firewalls?
application-level and network-level
How does an application-level firewall handle different protocols?
with a proxy program for each protocol
What happens if an application-level protocol doesn't have a proxy program for a given protocol?
the protocol can't pass through the firewall
What limitation do application-level firewalls create for proprietary software?
proprietary software often uses proprietary protocols, which often can't pass the firewall
Which is faster, application-level or network-level firewalls?
network-level firewalls
What are the two types of network-level firewalls?
packet filters and stateful packet inspection
What might be indicated by packets from an internal machine with an external source address in the header?
machine is being used in a DoS/DDoS attack

Deck Info

54

permalink