Security+ (Set 1/4) 2004
Terms
- Contains additional hidden code that allows unauthorized individuals to exploit or destroy data is commonly known as:
- Trojan Horse
- Which of the following is typically included in a CRL (Certificate Revocation List)?
- Certificates that have been disabled before their scheduled expiration
- A CPS (Certificate Practice Statement) is a legal document that describes a CA's (Certificate Authority):
- procedures
- A severed T1 line is most likely to be considered in planning
- incident response
- The primary DISADVANTAGE of symmetric cryptography is
- key distribution
- How are clocks used in a Kerberos authentication system?
- The clocks are synchronized to ensure tickets expire correctly
- An IT security audit is generally focused on reviewing existing
- policies and procedures
- The action of determining which operating system is installed on a system simply by analyzing its response to certain network traffic is called
- Fingerprinting
- The most effective way an administrator can protect users from social engineering is
- education
- Instant Messaging is most vulnerable to
- Sniffing
- What type of security mechanism can be applied to modems to better authenticate remote users
- Call back
- Despite regular system backups a significant risk still exists if
- recovery procedures are not tested
- What are three characteristics of a computer virus?
- replication mechanism, activation mechanism and objective
- Technical security measures and countermeasures are primarily intended to prevent
- Unauthorized access, unauthorized modification, and denial of authorized access
- Impersonating a dissatisfied customer of a company and requesting a password change on the customer's account is a form of
- social engineering
- The basic strategy that should be used when configuring the rules for a security firewall is
- default deny
- An employer gives an employee a laptop computer to use remotely. The user installs personal applications on the laptop and overwrites some system files. How might this have been prevented with minimal impact on corporate productivity?
- The user should have received instructions as to what is allowed to be installed.
- A fundamental risk management assumption is, computers can NEVER be completely
- secure
- DDoS (Distributed Denial of Service) is most commonly accomplished by
- multiple servers or routers monopolizing and overwhelming the bandwidth of a particular server or router
- IEEE (Institute of Electrical and Electronics Engineers) 802.11b is capable of providing data rates of up to
- 11 Mbps
- A team organized for the purpose of handling security crises is called
- incident response team
- Which security architecture utilizes authentication header and/or encapsulating security payload protocols?
- IPSec (Internet Protocol Security)
- Tunneling is best described as the act of encapsulating:
- ordinary/non-secure IP packets inside of encrypted/secure IP packets
- What is a good practice in deploying a CA (Certificate Authority)
- Create a CPS (Certificate Practice Statement)
- What is the most common goal of operating system logging?
- to keep a record of system usage
- Poor programming techniques and lack of code review can lead to which of the following types of attack?
- buffer overflow
- When a patch is released for a server the administrator should
- test the patch on a non-production server then install the patch to production
- An attacker attempting to penetrate a company's network through its remote access system would most likely gain access through what method?
- war dialer
- A company's web server is configured for the following services: HTTP (Hypertext Transfer Protocol), SSL (Secure Sockets Layer), FTP (File Transfer Protocol), and SMTP (Simple Mail Transfer Protocol). The web server is placed into a DMZ (Demilitarized Zon
- 80, 443, 21, 25
- Which system should be included in a disaster recovery plan?
- system identified in a formal risk analysis process
- A PKI (Public Key Infrastructure) document that serves as the vehicle on which to base common interoperability standards and common assurance criteria on an industry-wide basis is a certificate:
- policy
- When hardening a machine against external attacks, what process should be followed when disabling services?
- Research the services and their dependencies before disabling any default services.
- Which of the following will let a security administrator allow only HTTP (Hypertext Transfer Protocol) traffic for outbound Internet connections and set permissions to allow only certain users to browse the web?
- Proxy Server
- Which of the following is NOT a characteristic of DEN (Directory Enabled Networking)?
- It is inferior to SNMP (Simple Network Management Protocol)
- The system administrator concerned about security has designated a special area in which to place the web server away from other servers on the network. This area is commonly known as
- DMZ (Demilitarized Zone)
- Which of the following IP (Internet Protocol) address schemes will require NAT (Network Address Translation) to connect to the Internet?
- 172.16.0.0/24
- What is the primary DISADVANTAGE of a third-party relay?
- Spammers can utilize the relay
- A network administrator wants to connect a network to the Internet but doesn't want to compromise internal network IP (Internet Protocol) addresses. What should the network administrator implement?
- a NAT (Network Address Translation)
- What is the default transport layer protocol and port number that SSL (Secure Socket Layer) uses?
- TCP (Transmission Control Protocol) transport layer protocol and port 443
- The greater the key space and complexity of a password, the longer an attack may take to crack the password. This is known as:
- Brute Force
- Security requirements for servers DO NOT typically include:
- The ability to allow administrative activities to all users
- When a cryptographic system's keys are no longer needed, the keys should be:
- destroyed or stored in a secure manner
- Creation of an information inventory is most valuable when
- Trying to reconstruct damaged systems
- A network administrator wants to restrict internal access to other parts of the network. The network restrictions must be implemented with the least amount of administrative overhead and must be hardware based. What is the best solution?
- Implement a VLAN (Virtual Local Area Network) to restrict network access
- Which of the following is the best reason for a CA (Certificate Authority) to revoke a certificate?
- If the user's private key has been compromised.
- Which of the following correctly identifies some of the contents of an end user's X509 certificate?
- User's public key, the certificate's serial number, and the certificate's validity dates
- Which of the following is a protocol generally used for secure web transactions?
- SSL (Secure Socket Layer)
- Which of the following statements identifies a characteristic of a symmetric algorithm?
- Performs a fast transformation of data relative to other cryptographic methods.
- Assuring the recipient that a message has not been altered in transit is an example of
- integrity
- Being able to verify that a message received has not been modified in transit is defined as
- integrity
- Which of the following terms represents a MAC (Mandatory Access Control) model?
- Lattice
- The most common method of social engineering is
- Calling users and asking for information
- In the context of the Internet: what is tunneling?
- using the Internet as part of a private secure network
- An effective method of preventing computer viruses from spreading is to
- enable scanning of all email attachments
- The term "cold site" refers to
- a location to begin operations during disaster recovery
- Sensitive material is currently displayed on a user's monitor. What is the best course of action for the user before leaving the area?
- Refer to the company's policy on securing sensitive data
- With regard to the use of Instant Messaging, which of the following types of attack strategies is effectively combated with user awareness training?
- social engineering
- What would NOT improve the physical security of workstations?
- strong passwords
- What authentication problem is addressed by single sign on
- Multiple usernames and passwords
- Access controls based on security labels associated with each data item and each user are known as
- MACs (Mandatory Access Control)
- A network administrator has just replaced a hub with a switch. When using software to sniff packets from the networks, the administrator notices conversations the administrator's computer is having with servers on the network, but can no longer see convers
- with the exception of broadcasts, switches do not forward traffic out all ports.
- Which type of password generator is based on challenge-response mechanisms
- Asynchronous
- Which of the following is a characteristic of MAC (Mandatory Access Control) systems
- Use levels of security to classify users and data
- Which of the following is considered the best technical solution for reducing the threat of a man in the middle attack?
- PKI (Public Key Infrastructure)
- Companies without an acceptable use policy may give their employees an expectation of
- privacy