Security+ Review
Question | Answer |
---|---|
A study by Foote Partners showed that security certifications earn employees ___ percent more pay than their uncertified counterparts. | 10 to 40% |
An information security ___ position focuses on the administration and management of plans, policies, and people. | managerial |
In information security, a loss can be ___. | the theft of information, a delay in information being transmitted, or even the loss of good will or reputation. |
Targeted attacks against financial networks, unauthorized access to information, and the theft of personal information are sometimes known as ___. | cybercrime |
The single most expensive malicious attack was the 2000 ___, which cost an estimated $8.7 billion. | Love Bug |
What is the maximum fine for those who wrongfully disclose individually identifiable health information with the intent to sell it? | $250,000 |
___ attacks are responsible for half of all malware delivered by Web advertising. | Fake anti-virus |
___ ensures that information is correct and that no unauthorized person or malicious software has altered that data. | Integrity |
___ ensures that the individual is who they claim to be (the authentic or genuine person) and not an imposter. | Authentication |
The term ___ is frequently used to describe the tasks of securing information that is in a digital format. | Information security |
A computer ___ is malicious computer code that reproduces itself on the same computer. | virus |
A ___ is a program advertised as performing one activity but actually does something else. | Trojan |
A ___ virus infects the Master Boot Record of a hard disk drive. | boot |
A ___ virus is loaded into random access memory (RAM) each time the computer is turned on and infects files that are opened by the user or the operating system. | resident |
The most popular attack toolkit, which has almost half of the attacker toolkit market is ___. | MPack |
Unlike other malware, a ___ is heavily dependent upon the user for its survival. | virus |
___ is a software program that delivers advertising content in a manner that is unexpected and unwanted by the user. | Adware |
A ___ virus infects program executable files. | program |
___ is when an attacker tricks users into giving out information or performing a compromising action. | Social engineering |
___ uses "speckling" and different colors so that no two spam e-mails appear to be the same. | Geometric variance |
A ___ attack is similar to a passive man-in-the-middle attack. | replay |
For a Web server's Linux system, the default root directory is typically ___. | /var/www |
The default root directory of the Microsoft Internet Information Services (IIS) Web server is ___. | C:\Inetpub\wwwroot |
The SQL injection statement ___ discovers the name of a table. | whatever' AND 1=(SELECT COUNT(*) FROM tabname); -- |
The SQL injection statement ___ finds specific users. | whatever' OR full_name LIKE '%Mia%' |
The ____ is part of an HTTP packet that is composed of fields that contain the different characteristics of the data being transmitted. | HTTP header |
Web application attacks are considered ____ attacks. | server-side |
When DNS servers exchange information among themselves it is known as a ____. | zone transfer |
When TCP/IP was developed, the host table concept was expanded to a hierarchical name system for matching computer names and numbers known as the ____. | DNS |
____ is a language used to view and manipulate data that is stored in a relational database. | Structured Query Language (SQL) |
A ___ in effect takes a snapshot of the current security of the organization. | vulnerability appraisal |
A ___ outlines the major security considerations for a system and becomes the starting point for solid security. | baseline |
A(n) ___ examines the current security in a passive method. | vulnerability scan |
A(n) ___ indicates that no process is listening at this port. | closed port |
A(n) ___ is hardware or software that captures packets to decode and ANALYZE their contents. | protocol analyzer (also called a sniffer) |
Released in 1995, one of the first tools that was widely used for penetration testing was ___. | SATAN, or Security Administrator Tool for Analyzing Networks |
The end product of a penetration test is the penetration ___. | test report |
When performing a vulnerability assessment, many organizations use ___ software to search a system for any PORT vulnerabilities. | port scanner |
___ is a comparison of the present state of a system compared to its BASELINE. | Baseline reporting |
___ is the probability that a risk will OCCUR in a particular year. | Annualized Rate of Occurrence (ARO) |
A ___ can be inserted into the security slot of a portable device and rotated so that the CABLE LOCK is secured to the device, while a cable connected to the lock can then be secured to a desk or immobile object. | cable lock |
A ___ consists of independently rotating large cups affixed to the top of a fence that prevent the hands of intruders from gripping the top of the fence to climb over it. | roller barrier |
A(n) ___ is hardware or software that is designed to prevent malicious packets from entering or leaving computers. | packet filter |
In ___, a virtualized environment is created that simulates the central processing unit (CPU) and memory of the computer. | heuristic detection |
Passive tags have ranges from about 1/3 inch to ___ feet. | 19 |
The signal from an ID badge is detected as the owner moves near a ___, which receives the signal. | proximity reader |
___ are combination locks that use buttons which must be pushed in the proper sequence to open the door. | Cipher locks |
___ can be prewired for electrical power as well as wired network connections. | Locking cabinets |
___ use multiple infrared beams that are aimed across a doorway and positioned so that as a person walks through the doorway some beams are activated. | Tailgate sensors |
A ___ allows scattered users to be logically grouped together even though they may be attached to different switches. | virtual LAN (VLAN) |
Examining network traffic, activity, transactions, or behaviors and looking for WELL-KNOWN PATTERNS is known as ___-based monitoring. | signature |
In order to allow untrusted outside users access to resources such as Web servers, most networks employ a ___. | demilitarized zone (DMZ) |
IP addresses are ___-bit addresses. | 32 |
Layer 5 of the OSI model is the ___ layer. | session |
___ IP addresses are IP addresses that are not assigned to any specific user or organization. | Private |
___ is a technique that allows private IP addresses to be used on the public Internet. | Network address translation (NAT) |
___ is a technology that can help to evenly distribute work across a network. | Load balancing |
___ provides REMOTE users with the same access and functionality as local users through a VPN or dial-up connection. | Remote access |
___ switches are connected directly to the devices on a network. | Workgroup |
A ___ is a feature that controls a device's tolerance for unanswered service requests and helps to prevent a DoS attack. | flood guard |
DNS poisoning can be prevented by using the latest editions of the DNS software known as ___. | BIND, or Berkeley Internet Name Domain |
In the ___ model, the cloud computing vendor provides access to the vendor's software applications running on a cloud infrastructure. | Cloud Software as a Service (SaaS) |
IP is the protocol that functions primarily at the Open Systems Interconnection (OSI) ___. | Network Layer (Layer 3) |
It is possible to segment a network by physical devices grouped into logical units through a(n) ___. | virtual LAN (VLAN) |
Routers operate at the ___ Layer. | Network Layer (Layer 3) |
Server virtualization typically relies on the ___, which is software that runs on a physical computer to manage one or more virtual machine operating systems. | hypervisor |
SNMP agents are protected with a password known as a(n) ___ in order to prevent unauthorized users from taking control over a device. | community string |
TCP is the main ___ protocol that is responsible for establishing connections and the reliable data TRANSPORT between devices. | Transport Layer (Layer 4) |
The most common protocol suite used today for local area networks (LANs) as well as the Internet is ___. | Transmission Control Protocol/Internet Protocol (TCP/IP) |
A client-side attack in which a user's computer becomes compromised just by viewing a Web page, without even clicking any content, is known as a ___. | drive-by download |
A ___ can create entries in a LOG for all queries that are received. | DNS log |
A ___ forwards packets across computer networks. | router |
A ___ is a computer or an application program that intercepts a user request from the internal secure network and then processes that request on behalf of the user. | proxy server |
A ___ is a series of instructions that can be grouped together as a single command and are often used to automate a complex set of tasks or a repeated series of tasks. | macro |
A ___ is a set of software tools used by an attacker to hide the actions or presence of other types of malicious software, such as Trojans, viruses, or worms. | rootkit |
A ___ is software that is a cumulative package of all security updates plus additional features. | service pack |
A(n) ___ encrypts all data that is transmitted between the remote device and the network. | virtual private network (VPN) |
A(n) ___ is the end of the tunnel between VPN devices. | endpoint |
A(n) ___ virus adds a program to the operating system that is a malicious copycat version to a legitimate program. | companion |
Broadcast storms can be prevented with ___. | loop protection |
Business ___ theft involves stealing proprietary business INFORMATION such as research for a new drug or a list of customers that competitors are eager to acquire. | data |
Each host (desktop, wireless laptop, smartphone, gateway server) runs a local application called a ___, which is sent over the network to the devices and runs as an OS service. | DLP agent |
The goal of ___ is to better understand who the attackers are, why they attack, and what types of attacks might occur. | threat modeling |
Under the ___, health care enterprises must guard protected health information and implement policies and procedures to safeguard it, whether it be in paper or electronic format. | The Health Insurance Portability and Accountability Act of 1996 (HIPAA) |
Viruses and worms are said to be self-___. | replicating |
___ is an attack in which an attacker attempts to impersonate the user by using his SESSION token. | Session hijacking |
___ is for the transport and storage of data, with the focus on what the data is. | XML |
A(n) ___ acts as the "base station" for the wireless network. | access point (AP) |
A(n) ___ packet contains a field that indicates the function of the packet and an identifier field used to match requests and responses. | EAP |
Bluetooth is a ___ technology designed for data communication over short distances. | Personal Area Network (PAN) |
Most Bluetooth devices use a Class 2 radio that has a range of ___ feet. | 33 |
Slave devices that are connected to the piconet and are sending transmissions are known as ___ slaves. | active |
___ access points are serious threats to network security because they allow attackers to intercept the RF signal and bypass network security to attack the network or capture sensitive data. | Rogue |
___ is a framework for transporting authentication protocols instead of the authentication protocol itself. | Extensible Authentication Protocol (EAP) |
___ is an attack that sends unsolicited messages to Bluetooth-enabled devices. | bluejacking |
___ is designed to detect any changes in a packet, whether accidental or intentional. | Cyclic Redundancy Check (CRC) |
___ requires mutual authentication used for WLAN encryption using Cisco client software. | Lightweight EAP (LEAP) |
A user accessing a computer system must present credentials or ____ when logging on to the system. | identification |
During RADIUS AUTHENTICATION the AP, serving as the authenticator that will accept or reject the wireless device, creates a data packet from this information called the ___. | authentication request |
Entries in the DIB are arranged in a tree structure called the ___. | directory information tree (DIT) |
The action that is taken by the subject over the object is called a(n) ___. | operation |
The X.500 standard defines a protocol for a client application to access an X.500 DIRECTORY called ___. | Directory Access Protocol (DAP) |
The ___ model is the least restrictive. | Discretionary Access Control (DAC) |
___ indicates when an account is no longer active. | Account expiration |
___ is often used for managing user access to one or more systems. | Rule Based Access Control |
___ is suitable for what are called "high-volume service control applications" such as dial-in access to a corporate network. | RADIUS, or Remote Authentication Dial In User Service |
___ requires that if the fraudulent application of a process could potentially result in a breach of security, then the process should be DIVIDED between two or more individuals. | Separation of duties |
An operating system that has been reengineered so that it is designed to be secure from the ground up is known as a ___. | trusted operating system (trusted OS) |
If a user typically accesses his bank's Web site from his home computer on nights and weekends, then this information can be used to establish a ___ of typical access. | computer footprint |
Windows ___ is a feature of Windows that is intended to provide users with control of their digital identities while helping them to manage privacy. | CardSpace |
The ___ attack will slightly alter dictionary words by adding numbers to the end of the password, spelling words backward, slightly misspelling words, or including special characters such as @, $, !, or %. | hybrid |
Windows Live ID was originally designed as a ___ system that would be used by a wide variety of Web servers. | identity management |
___ accepts spoken words for input as if they had been typed on the keyboard. | Speech recognition |
___ can use fingerprints or other unique characteristics of a person's face, hands, or eyes (irises and retinas) to authenticate a user. | Standard biometrics |
___ holds the promise of reducing the number of usernames and passwords that users must memorize. | Single sign-on (SSO) |
___ is related to the perception, THOUGHT process, and understanding of the user. | Cognitive biometrics |
___ is using a single authentication credential that is shared across multiple networks. | identity management |
A ___ cipher rearranges letters without changing them. | transposition |
One of the most famous ancient cryptographers was ___. | Julius Caesar |
The algorithm ___ is a block cipher that operates on 64-bit blocks and can have a key length from 32 to 448 bits. | Blowfish |
The simplest type of stream cipher is a ___ cipher. | substitution |
The ___ algorithm is the most common asymmetric cryptography algorithm and is the basis for several products. | RSA |
The ___ is essentially a chip on the motherboard of the computer that provides cryptographic services. | Trusted Platform Module (TPM) |
The ___ is a symmetric cipher that was approved by the NIST in late 2000 as a replacement for DES. | Advanced Encryption Standard (AES) |
___ encryption uses two keys instead of only one and these keys are mathematically related. | Asymmetric |
___ is a relatively recent cryptographic hash function that has received international recognition and adoption by standards organizations, including the International Organization for Standardization (ISO). | Whirlpool |
___ takes plaintext of any length and creates a hash 128 bits long. | Message Digest 2 (MD2) |
A class 2 certificate is known as a ___ certificate. | server digital |
A ___ trust refers to a situation in which two individuals trust each other because each trusts a third party. | third-party |
At the ___ stage of the certificate life cycle, the certificate can no longer be used. | expiration |
The primary function of a(n) ___ is to verify the identity of the individual. | RA |
The ___ function is a subordinate entity designed to handle specific CA tasks such as processing certificate requests and authenticating users. | Registration Authority (RA) |
The ___ provides recommended baseline security requirements for the use and operation of CA, RA, and other PKI components. | certificate policy (CP) |
___ allows clients and the server to negotiate independently encryption, authentication, and digital signature methods, in any combination, in both directions. | Secure Hypertext Transport Protocol (SHTTP) |
___ can verify the authenticity of the sender and enforce nonrepudiation to prove that the sender is who he claims to be and cannot deny sending it. | Asymmetric encryption |
___ involves PUBLIC-KEY cryptography standards, trust models, and key management. | Public Key Infrastructure (PKI) |
___ is a protocol developed by Netscape for SECURELY transmitting documents over the Internet. | Secure Sockets Layer (SSL) |
A policy that addresses SECURITY as it RELATES to HUMAN RESOURCES is known as a(n) ___ policy. | security-related human resource |
A ___ is a written document that states how an organization plans to protect the company's information technology assets. | security policy |
Because the impact of CHANGES can potentially affect all users, and uncoordinated changes can result in security vulnerabilities, many organizations create a(n) ___ to oversee the changes. | change management team (CMT) |
___ are a person's fundamental beliefs and principles used to define what is good, right, and just. | Values |
___ are values that are attributed to a system of beliefs that help the individual distinguish right from wrong. | Morals |
___ learners learn through a lab environment or other hands-on approaches. | Kinesthetic |
___ learners learn through taking notes, being at the front of the class, and watching presentations. | Visual |
___ learners tend to sit in the middle of the class and learn best through lectures and discussions. | Auditory |
___ may be defined as the components required to identify, analyze, and contain that INCIDENT. | Incident response |
___ networks are typically used for connecting devices on an ad hoc basis for file sharing of audio, video, and data, or real-time data transmission such as telephony traffic. | P2P |