Help
Options
Didn't know it?
click below
click below
Knew it?
click below
click below
Don't Know
Remaining cards (0)
Know
retry
shuffle
restart
0:00
Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.
Normal Size Small Size show me how
Normal Size Small Size show me how
Security Plus 3
COMPTIA Security+ Q&A
| Question | Answer |
|---|---|
| In order for an SSL connection to be established between a web client and a web server automatically, the web client and web server should have what? | Certificate signed by a trusted root CA (Certification Authority). |
| What should a firewall employ to ensure that each packet is part of an established TCP session? | Stateful like inspection. |
| Malicious code is installed on a server that will e-mail system keystrokes stored in a text file to the author and delete system logs every five days or whenever a backup is performed. What type of program is this? | Logic bomb. |
| The start of the LDAP directory is called what? | Root |
| Poor programming techniques and lack of code review can lead to what? | Buffer overflow |
| A network attack method that uses ICMP and improperly formatted MTU’s to crash a computer is what? | Ping of death |
| What provides privacy, data integrity, and authentication for hand held devices in a wireless network environment? | WTLS (Wireless Transport Layer Security) |
| Technical security measures and countermeasures are primary intended to prevent what? | Unauthorized access, unauthorized modification, and denial of authorized access. |
| What type of encryption is used for e-mail? | S/MIME |
| You discover an unauthorized Access Point placed on your network under the desk of Accounting Department secretary. When questioned, she denies putting it there. What type of an attack occurred? | Social Engineering |
| A system administrator of a company was terminated unexpectedly. When the administrator’s user ID is deleted, the system begins deleting files. This is an example of what type of malicious code? | Logic Bomb |
| The greater the key space and complexity of a password, the longer an attacker may take to crack the password. This kind of attack would be what? | Brute force |
| In the context of the Internet: What is tunneling? | Using the Internet as part of a private secure network. |
| In a RBAC (Role-Based Access Control) contexts, what statement best describes the relation between users, roles, and operations? | Multiple users, multiple roles, and multiple operations. |
| What are the different types of symmetric key algorithms? | AES, DES, 3DES, RC5, SSL |
| What is a good practice in deploying a CA (certification authority)? | Create a CPS (Certificate Practice Statement) |
| A well defined business continuity plan must consist of risk and analysis, business impact analysis, strategic planning, and mitigation, training, and awareness, maintenance, and audit and what? | Integration and validation. |
| Asymmetric cryptography ensures what? | Encryption and authentication can take place without sharing private keys. |
| Implementation of access control devices and technologies must fully reflect on organization’s security position as contained in what? | Information security policies |
| What are two VPN protocols? | L2TP and PPTP |
| What is considered the best technical solution for reducing the threat of a man-in-the-middle attacks? | PKI |
| The best method of reducing vulnerability from dumpster diving is what? | Destroying paper and other media. |
Created by:
uop2001
Popular Computers sets