or...
Reset Password Free Sign Up


Security Plus 5 Word Scramble

 
 



Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.

  Normal Size     Small Size show me how

Security Plus 5

COMPTIA Security + 5

QuestionAnswer
What step in the SSL protocol allows for client and server authentication, MAC, and encryption algorithm negotiation, and selection of cryptographic keys? SSL handshake protocol
Example of a physical access barrier could be what? Security guard
“Due Care” is what? Policies and procedures intended to reduce the likelihood of damage or injury.
You discover a lock on the window of an office adjacent to the server room broken. You tell the resident of that office. You do NOT follow up to see if it has been fixed. What affect will this have on the likelihood of a threat? If the window is not repaired, the likelihood of the threat will increase.
Providing false information about the source of an attack is known as? Spoofing
In order for User A to send User B an e-mail message that only User B can read, User A must encrypt the e-mail with what? User B’s public key
When a cryptographic system’s keys are no longer needed, the keys should be? Destroyed or stored in a secure manner.
Access controls that are created and administered by the data owner are considered? DACs (Discretionary Access Control)
When a string of data is sent to a buffer that is larger than the buffer was designed to handle is an? Buffer overflow
One way to limit hostile sniffing on a LAN is by installing what type of hardware device? Ethernet switch
An attacker manipulates what field of an IP packet in an IP spoofing attack? Source address field
The term cold site refers to what? A location to begin operations during disaster recovery.
In decentralized privilege management, user accounts are stored on what? Individual servers
Most certificates used for authentication are based on what standard? X.509v3
An administrator notices an e-mail server is currently relaying e-mail for any e-mail server requesting relaying. Upon further investigation the administrator notices the existence of /etc/mail/relay domains. What modifications should the administrator Delete the * entry in the relay domain file and restart the e-mail process.
An application that appears to perform a useful function but instead contains some sort of malicious code is called? Trojan Horse
A piece of code that appears to do something useful while performing a harmful and unexpected function like stealing passwords is? Trojan Horse
What program is able to distribute itself without using a host file? Worm
A piece of malicious code that can replicate itself has no productive purpose and exist only to damage computer systems or create further vulnerabilities is called? Worm
An autonomous agent that copies itself into one or more host programs, then propagates when the host is run, is best described as a what? Virus
A program that can infect other programs by modifying them to include a version of it self is a what? Virus
User A needs to send a private e-mail to User B. User A doesn’t want anyone to have the ability to read the e-mail except User B, thus retaining privacy. What tenet of info security is User A using? Confidentiality
What kind of attack is a type of security breach to a computer that doesn’t usually result in the theft of information or other security loss, but the lack of legitimate use of that system? DOS
Computer forensics experts collect and analyze data using what to minimize data loss? Chain of custody
What is typically included in a CRL (Certificate Revocation List)? Certificates that have been disabled before their scheduled expiration.
What are three characteristics of a computer virus? Replication mechanism, activation mechanism, and objective.
Forensic procedures must be followed exactly to ensure the integrity of data obtained in an investigation. When making copies of data from a machine that isbeing examined, what task should be done to ensure it is an exact duplicate? Perform a cyclic redundancy check using a checksum or hashing algorithm.
In responding to incidents such as security breaches, one of the most important steps taken is? Containment
You are explaining SSL to junior administrators and come up to the topic of handshaking. How many steps are employed between the client and server in the SSL handshake process? 6
One of the factors that influence the life span of a public key certificate and its associated keys is the? Value of data being protected.
A network attack that misuses TCP’s three way handshake to overload serversand deny access to legitimate users is called? SYN flood
If a private key becomes compromised before its certificate normal expiration, X.509 defines a method requiring each CA (Certification Authority) to periodically issue a signed data structure called what? Revocation list
SSL session keys are available in what two lengths? 40-bit and 128-bit
You are researching the ARO and need to find specific data that can be used forrisk assessment. What will you use to find the information? Insurance companies
Created by: uop2001 on 2009-05-31



Copyright ©2001-2014  StudyStack LLC   All rights reserved.