
Security + SYO-101A

1. Following a disaster, while returning to the original site from an alternate site, the first process to resume at the original site would be the:

A. least critical process
B. most critical process
C. process most expensive to m
Answer: A
2. Documenting change levels and revision information is most useful for:

A. theft tracking
B. security audits
C. disaster recovery
D. license enforcement
Answer: C
3. A recent audit shows that a user logged into a server with their user account and executed a program. The user then performed activities only available to an administrator. This is an example of what type of an attack?

A. Trojan horse
Answer: B
4. Notable security organizations often recommend that only essential services be provided by a particular host and that any unnecessary services be disabled. Which of the following does NOT represent a reason supporting this recommendation?

A. Each a
Answer: D
5. Which of the following is a technical solution that supports high availability?

A. UDP (User Datagram Protocol).
B. anti-virus solution.
C. RAID (Redundant Array of Independent Disks).
D. firewall.
Answer: C
6. In order for a user to obtain a certificate from a trusted CA (Certificate Authority), the user must present proof of identity and a:

A. private key.
B. public key.
C. password.
D. Kerberos key.
Answer: B
7. In the context of wireless networks, WEP (Wired Equivalent Privacy) was designed to:

A. provide the same level of security as a wired LAN (Local Area Network).
B. provide a collision preventive method of media access.
C. provid
A
8. A primary drawback to using shared storage clustering for high availability and disaster recovery is:

A. the creation of a single point of vulnerability.
B. the increased network latency between the host computers and the RAID (Redun
A
9. What are access decisions based on in a MAC (Mandatory Access Control) environment?

A. access control lists.
B. ownership.
C. group membership.
D. sensitivity labels.
D
10. Packet sniffing can be used to obtain username and password information in clear text from which one of the following?

A. SSH (Secure Shell).
B. SSL (Secure Sockets Layer).
C. FTP (File Transfer Protocol).
D. HTTPS (Hyper
C
11. When securing an FTP (File Transfer Protocol) server, what can be done to ensure that only authorized users can access the server?

A. allow blind authentication.
B. disable anonymous authentication.
C. redirect FTP (File Transf
B
12. Asymmetric cryptography ensures that:
A. encryption and authentication can take place without sharing private keys.
B. encryption of the secret key is performed with the fastest algorithm available.
C. encryption occurs only when bo
A
13. Which of the following media types is most immune to RF (Radio Frequency) eavesdropping?
A. coaxial cable.
B. fiber optic cable.
C. twisted pair wire.
D. unbounded.
B
14. Access controls that are created and administered by the data owner are considered:
A. MAC (Mandatory Access Control).
B. RBAC (Role Based Access Control).
C. LBACB (List Based Access Control).
D. DAC (Discretionary Access Con
D
15. An administrator notices that an e-mail server is currently relaying e-mail (including spam) for an e-mail server requesting relaying. Upon further investigation the administrator notices the existence of /etc/mail relay domains. What modifications sh
C
16. Providing false information about the source of an attack is known as:
A. aliasing.
B. spoofing.
C. flooding.
D. redirecting.
B
17. The term “due care” best relates to:

A. policies and procedures intended to reduce the likelihood of damage or injury.
B. scheduled activity in a comprehensive preventative maintenance program.
C. techniques and methods fo
A
18. A high profile company has been receiving a high volume of attacks on their public web site. The network administrator wants to be able to collect information on the attacker(s) so legal action can be taken. What should be implemented?

A.
B
19. Many intrusion detection systems look for known patterns or ____ to aid in detecting attacks.

A. viruses.
B. signatures.
C. hackers.
D. malware.
B
20. After installing a new operating system, what configuration changes should be implemented?

A. create application user accounts.
B. rename the guest account.
C. rename the administrator account, disable the guest accounts.
C
21. In order to establish a secure connection between headquarters and a branch office over a public network, the router at each location should be configured to use IPSec (Internet Protocol Security) in ____ mode.

A. secure.
B. tunnel.
B
22. What type of authentication may be needed when a stored key and a memorized password are not strong enough and additional layers of security are needed?

A. mutual.
B. multi-factor.
C. biometric.
D. certificate.
B
23. What technology was originally designed to decrease broadcast traffic but is also beneficial in reducing the likelihood of having information compromised by sniffers?
A. VPN (Virtual Private Network).
B. DMZ (Demilitarized Zone).
C.
C
24. A DMZ (Demilitarized Zone) typically contains:

A. a customer account database.
B. staff workstations.
C. an FTP (File Transfer Protocol) server.
D. a SQL (Structured Query Language) based database server.
C
25. What kind of attack are hashed passwords vulnerable to?

A. man in the middle.
B. dictionary or brute force.
C. reverse engineering.
D. DoS (Denial of Service).
B
26. Controlling access to information systems and associated networks is necessary for the preservation of their:

A. authenticity, confidentiality, and availability.
B. integrity, availability and reliability.
C. confidentiality, i
C
27. A collection of information that includes login, file access, other various activities, and actual or attempted legitimate and unauthorized security violations is a(n):

A. audit.
B. ACL (Access Control List).
C. audit trail.
C
28. What transport protocol and port number does SSH (Secure Shell) use?
A. TCP (Transmission Control Protocol) port 22.
B. UDP (User Datagram Protocol) port 69.
C. TCP (Transmission Control Protocol) port 179.
D. UDP (User Datagr
A
29. What statement is most true about viruses and hoaxes?
A. Hoaxes can create as much damage as a real virus.
B. Hoaxes are harmless pranks and should be ignored.
C. Hoaxes can help educate users about a virus.
D. Hoaxes carry a
A
30. What is the greatest benefit to be gained through the use of S/MIME (Secure Multipurpose Internet Mail Extensions)? The ability to:
A. encrypt and digitally sign e-mail messages.
B. send anonymous e-mails.
C. send e-mails with a ret
A
31. Access control decisions are based on responsibilities that an individual user or process has in an organization. This best describes:

A. MAC (Mandatory Access Control).
B. RBAC (Role Based Access Control).
C. DAC (Discretiona
B
32. Which of the following results in a domain name server resolving the domain name to a different and wrong IP (Internet Protocol) address and thus misdirecting Internet traffic?

A. DoS (Denial of Service).
B. spoofing.
C. brute
B
33. When examining the server’s list of protocols that are bound and active on each network interface card, the network administrator notices a relatively large number of protocols. Which actions should be taken to ensure network security?

C
34. If a private key becomes compromised before its certificate’s normal expiration date, X.509 defines a method requiring each CA (Certificate Authority) to periodically issue a signed data structure called a certificate:

A. enrollment lis
C
35. DAC (Discretionary Access Control) systems operate following which guideline statement.

A. files that don’t have an owner CAN NOT be modified.
B. the administrator of the system is an owner of each object.
C. the operating s
D
36. An autonomous agent that copies itself into one or more host programs, then propagates when the host is run, is best described as a:

A. Trojan horse.
B. backdoor.
C. logic bomb.
D. virus.
D
37. The de facto IT (Information Technology) security evaluation criteria for the international community is called?

A. Common Criteria.
B. Global Criteria.
C. TCSEC (Trusted Computer System Evaluation Criteria).
D. ITSEC (In
A
38. The best protection against the abuse of remote maintenance of a PBX (Private Branch Exchange) system is to:

A. keep maintenance features turned off until needed.
B. insist on strong authentication before allowing remote maintenance
B
39. At what stage of an assessment would an auditor test systems for weaknesses and attempt to defeat existing encryption, passwords and access lists?

A. penetration.
B. control.
C. audit planning.
D. discovery.
A
40. Computer forensics experts collect and analyze data using which of the following guidelines so as to minimize data loss?

A. evidence.
B. chain of custody.
C. chain of command.
D. incident response.
B
41. Data integrity is best achieved using a(n):

A. asymmetric cipher.
B. digital certificate.
C. message digest.
D. symmetric cipher.
C
42. A program that can infect other programs by modifying them to include a version of itself is a:

A. replicator.
B. virus.
C. Trojan horse.
D. logic bomb.
B
43. Which of the following is an example of an asymmetric algorithm?

A. CAST (Carlisle Adams Stafford Tavares).
B. RC5 (Rivest Cipher 5).
C. RSA (Rivest Shamir Adleman).
D. SHA-1 (Secure Hashing Algorithm 1).
C
44. When a user clicks to browse a secure page, the SSL (Secure Sockets Layer) enabled server will first:

A. use its digital certificate to establish its identity to the browser.
B. validate the user by checking the CRL (Certificate Rev
A
45. User A needs to send a private e-mail to User B. User A does not want anyone to have the ability to read the e-mail except for User B, thus retaining privacy. Which tenet of information security is User A concerned about?

A. authenticatio
C
46. A company uses WEP (Wired Equivalent Privacy) for wireless security. Who may authenticate to the company’s access point?

A. only the administrator.
B. anyone can authenticate.
C. only users within the company.
D. only
D
47. Giving each user or group of users only the access they need to do their job is an example of which security principle:

A. least privilege
B. defense in depth
C. separation of duties
D. access control
A
48. The primary purpose of NAT (Network Address Translation) is to:

A. translate IP (Internet Protocol) addresses into user friendly names.
B. hide internal hosts from the public network.
C. use one public IP (Internet Protocol) addr
B
49. The start of the LDAP (Lightweight Directory Access Protocol) directory is called the:

A. head
B. root
C. top
D. tree
B
50. The protection of data against unauthorized access or disclosure is an example of what?

A. confidentiality
B. integrity
C. signing
D. hashing
A
51. Which of the following backup methods copies only modified files since the last full backup?

A. full.
B. differential.
C. incremental.
D. archive.
B
52. While connected from home to an ISP (Internet Service Provider), a network administrator performs a port scan against a corporate server and encounters four open TCP (Transmission Control Protocol) ports 25, 110, 143, and 389. Corporate users in the org
B
53. In a decentralized privilege management environment, user accounts and passwords are stored on:

A. One central authentication server.
B. each individual server.
C. no more than two servers.
D. One server configured for d
B
54. A well defined business continuity plan must consist of risk analysis, business impact analysis, strategic planning and mitigation, training and awareness, maintenance and audit and:

A. security labeling and classification.
B. budge
D
55. One way to limit hostile sniffing on a LAN (Local Area Network) is by installing:

A. an Ethernet switch.
B. an Ethernet hub.
C. a CSU/DSU (Channel Service Unit/Data Service Unit).
D. a firewall.
A
56. The WAP (Wireless Application Protocol) programming model is based on the following three elements:

A. client, original server, WEP (Wired Equivalent Privacy).
B. code design, code review, documentation.
C. client, original se
D
57. The first step in establishing a disaster recovery plan is to:

A. get budgetary approval for the plan.
B. agree on the objectives of the plan.
C. list possible alternative sites to be used in a disaster event.
D. priorit
B
58. When securing a DNS (Domain Name Service) server, and shutting down all unnecessary ports, which port should NOT be shut down?

A. 21
B. 23
C. 53
D. 55
C
59. What is the main advantage SSL (Secure Sockets Layer) has over HTTPS (Hypertext Transfer Protocol over Secure Sockets Layer)?

A. SSL (Secure Sockets Layer) offers full application security for HTTP (Hypertext Transfer Protocol) while HTTP
B
60. A sound security policy will define:

A. what is considered an organization’s assets.
B. what attacks are planned against the organization.
C. how an organization compares to others in security audits.
D. weaknesses in
A
61. What functionality should be disallowed between a DNS (Domain Name Service) server and an untrusted node?

A. name resolutions.
B. reverse ARP (Address Resolution Protocol) requests.
C. system name resolutions.
D. zone tran
D
62. What is the most effective social engineering defensive strategy?
A. marking of documents.
B. escorting of guests.
C. badge security system.
D. training and awareness.
D
63. An IDS (Intrusion Detection System) is sending alerts that attacks are occurring which are not actually taking place. What is the IDS (Intrusion Detection System) registering?

A. false positives.
B. false negatives.
C. true ne
A
64. When an employee is dismissed, the security administrator should:

A. allow the employee to backup computer files then disable network access.
B. change all network passwords.
C. disable the employee’s network access.
D
C
65. How are honey pots used to collect information? Honey pots collect:

A. IP (Internet Protocol) addresses and identity of internal users.
B. data on the identity, access, and compromise methods used by the intruder.
C. data rega
B
67. Administrators currently use telnet to remotely manage several servers. Security policy dictates that passwords and administrative activities must not be communicated in clear text. Which of the following is the best alternative to using telnet?
C
68. Which of the following provides privacy, data integrity and authentication for handheld devices in a wireless network environment?

A. WEP (Wired Equivalent Privacy).
B. WAP (Wireless Application Protocol).
C. WSET (Wireless Se
D
69. Analyzing log files after an attack has started is an example of:

A. active detection.
B. overt detection.
C. covert detection.
D. passive detection.
D
70. How many characters should the minimum length of a password be to deter dictionary password cracks?

A. 6.
B. 8.
C. 10.
D. 12.
B
71. An acceptable use policy signed by an employee can be interpreted as an employee’s written ______ for allowing an employer to search an employee’s workstation.

A. refusal.
B. policy.
C. guideline.
D. consent.
D
72. What protocol can be used to create a VPN (Virtual Private Network)?

A. PPP (Point-to-Point Protocol).
B. PPTP (Point-to-Point Tunneling Protocol).
C. SLIP (Serial Line Internet Protocol).
D. ESLIP (Encrypted Serial Line
B
73. An attack whereby two different messages using the same hash function produce a common message digest is also known as a:

A. man in the middle attack.
B. cipher text only attack.
C. birthday attack.
D. brute force attack
C
74. A common algorithm used to verify the integrity of data from a remote user through the creation of a 128-bit hash from a data input is:

A. IPSec (Internet Protocol Security).
B. RSA (Rivest Shamir Adleman).
C. Blowfish.
D
75. In an RBAC (Role Based Access Control) context, which statement best describes the relation between users, roles and operations?

A. multiple users, single role and single operation.
B. multiple users, single role and multiple operat
D
76. An administrator is setting permissions on a file object in a network operating system which uses DAC (Discretionary Access Control). The ACL (Access Control List) of the file follows:

Owner: Read, Write, Execute; User A: Read, Write, -;
A
77. A user who has accessed an information system with a valid user ID and password combination is considered a(n):

A. manager
B. user
C. authenticated user
D. security officer
C
78. The use of embedded root certificates within web browsers is an example of which of the following trust models?

A. bridge.
B. mesh.
C. hierarchy.
D. trust list.
D
79. What is the most common method used by attackers to identify the presence of an 802.11b network?

A. war driving.
B. direct inward dialing.
C. war dialing.
D. packet driving.
A
80. The best way to harden an application that is developed in house is to:

A. use an industry recommended hardening tool.
B. ensure that security is given due considerations throughout the entire development process.
C. try attac
B
81. A security consideration that is introduced by a VPN (Virtual Private Network) is:

A. an intruder can intercept VPN (Virtual Private Network) traffic and create a man in the middle attack.
B. captured data is easily decrypted becaus
D
82. Which of the following would NOT be considered a method for managing the administration of accessibility?

A. DAC (Discretionary Access Control) list.
B. SAC (Subjective Access Control) list.
C. MAC (Mandatory Access Control) l
B
83. Which of the following is required to use S/MIME (Secure Multipurpose Internet Mail Extensions)?

A. digital certificate.
B. server side certificate.
C. SSL (Secure Sockets Layer) certificate.
D. public certificate.
A
84. Non-repudiation is generally used to:

A. protect the system from transmitting various viruses, worms and Trojan horses to other computers on the same network.
B. protect the system from DoS (Denial of Service) attacks.
C. prev
C
85. Which of the following hash functions generates a 160-bit output?

A. MD4 (Message Digest 4).
B. MD5 (Message Digest 5).
C. UDES (Data Encryption Standard).
D. SHA-1 (Secure Hashing Algorithm 1).
D
86. Why are unique user IDs critical in the review of audit trails?

A. They CAN NOT be easily altered.
B. They establish individual accountability.
C. They show which files were changed.
D. They trigger corrective controls.
B
87. A DRP (Disaster Recovery Plan) typically includes which of the following:

A. penetration testing.
B. risk assessment.
C. DoS (Denial of Service) attack.
D. ACL (Access Control List).
B
88. An attacker can determine what network services are enabled on a target system by:

A. installing a rootkit on the target system.
B. checking the services file.
C. enabling logging on the target system.
D. running a port
D
89. A police department has three types of employees: booking officers, investigators, and judges. Each group of employees is allowed different rights to files based on their need. The judges do not need access to the fingerprint database, the investigat
B
90. Which of the following access control models introduces user security clearance and data classification?

A. RBAC (Role Based Access Control).
B. NDAC (Non-Discretionary Access Control).
C. MAC (Mandatory Access Control).
C
91. A wireless network with three access points, two of which are used as repeaters, exists at a company. What step should be taken to secure the wireless network?

A. Ensure that employees use complex passwords.
B. Ensure that employees
C
92. Digital certificates can contain which of the following items:

A. the CA’s (Certificate Authority) private key.
B. the certificate holder’s private key.
C. the certificate’s revocation information.
D. the certifica
D
93. Which encryption key is used to verify a digital signature?

A. the signer’s public key.
B. the signer’s private key.
C. the recipient's public key.
D. the recipient's private key.
A
94. NetBus and Back Orifice are each considered an example of a(n):

A. virus.
B. illicit server.
C. spoofing tool.
D. allowable server.
B
95. The theft of network passwords without the use of software tools is an example of:

A. Trojan programs.
B. social engineering.
C. sniffing.
D. hacking.
B
96. An alternate site configured with necessary system hardware, supporting infrastructure and an on site staff able to respond to an activation of a contingency plan 24 hours a day, 7 days a week is a:

A. cold site.
B. warm site.
D
97. Security controls may become vulnerabilities in a system unless they are:

A. designed and implemented by the system vendor.
B. adequately tested.
C. implemented at the application layer in the system.
D. designed to use
B
98. Which of the following is likely to be found after enabling anonymous FTP (File Transfer Protocol) read/write access?

A. an upload and download directory for each user.
B. detailed logging information for each user.
C. storage
C
99. LDAP (Lightweight Directory Access Protocol) directories are arranged as:

A. linked lists.
B. trees.
C. stacks.
D. queues.
B
100. An inherent flaw of DAC (Discretionary Access Control) relating to security is:

A. DAC (Discretionary Access Control) relies only on the identity of the user or process, leaving room for a Trojan horse.
B. DAC (Discretionary Access
A

Deck Info

99
