Busy. Please wait.
or

show password
Forgot Password?

Don't have an account?  Sign up 
or

Username is available taken
show password

why


Make sure to remember your password. If you forget it there is no way for StudyStack to send you a reset link. You would need to create a new account.
We do not share your email address with others. It is only used to allow you to reset your password. For details read our Privacy Policy and Terms of Service.


Already a StudyStack user? Log In

Reset Password
Enter the associated with your account, and we'll email you a link to reset your password.

Remove Ads
Don't know
Know
remaining cards
Save
0:01
To flip the current card, click it or press the Spacebar key.  To move the current card to one of the three colored boxes, click on the box.  You may also press the UP ARROW key to move the card to the "Know" box, the DOWN ARROW key to move the card to the "Don't know" box, or the RIGHT ARROW key to move the card to the Remaining box.  You may also click on the card displayed in any of the three boxes to bring that card back to the center.

Pass complete!

"Know" box contains:
Time elapsed:
Retries:
restart all cards




share
Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.

  Normal Size     Small Size show me how

Security Plus

COMPTIA Security+ Q&A

QuestionAnswer
For users to authenticate with an Access Point using WEP, users have to have what? Users have to have the correct WEP key.
Packet sniffing can be used to obtain username and password information in clear text from what type of protocol? FTP (File Transport Protocol).
What should be your greatest concern when transferring files or authenticating to a FTP server? Your greatest concern should be that the data and/or authentication information is being sent in clear text.
Users of Instant Messaging clients are especially prone to what? Sniffing Attacks.
What mode does IPSec use on routers when connecting from the corporate office to the branch office? Tunnel Mode.
Data integrity is best achieved using what? Message Digest (MD-5) 128 Bit Signing
Major components of ISAKMP are? Authentication of peers, threat management, security association, cryptographic key establishment and management.
When a user digitally signs a document, an asymmetric algorithm is used to encrypt what? Hash results
Which type of password generator is based on challenge-response mechanisms? Asynchronous
What protocol would an administrator use to administer, via telnet, a remote server so his password is not in clear text? SSH
What physical access control most adequately protects against physical piggybacking? Man Trap
A recent audit shows that a user logged into a server with their user account and executed a program. The user performed activities only available to an administrator. What is an example of this type of attack? Privilege Escalation
An attack where a different message, using the same hash function as the original message, produces a common message digest is known as a what? Birthday Attack
What type of media is most immune to RF (Radio Frequency) eavesdropping? Fiber-Optic
The flow of packets traveling through routers can be controlled by implementing what type of security mechanism? ACL (Access Control Lists)
What is of great importance when considering physical security? Reduce overall opportunity for an intrusion to occur.
WTLS provides security services between a mobile device and what? WAP (Wireless Access Point)
An Intrusion detection system typically consists of two parts, a console and what? A sensor.
A system administrator has just used a program that highlighted the susceptibility of several servers on the network to various exploits. The program also suggests fixes. What program type was used? A vulnerability scanner
Missing audit log entries most seriously affects an organization’s ability to do what? Prosecute a hacker.
Following a disaster, while returning to the original site from an alternate site, the first process to resume at the original site is what? The least critical process.
An organization’s primary purpose in conducting risk analysis in dealing with computer security is what? To quantify the impact of potential threats in relation to the cost of lost business functionality.
The primary drawback to using shared storage clustering for high availability and disaster recovery is what? Creation of a single point of vulnerability.
How should a primary DNS server be configured to provide the best security against DoS and Hackers? Disable application services other than DNS.
Tunneling is best described as the act of encapsulating what? Ordinary/non-secure IP packets inside of encrypted/secure IP packet.
What is the primary DISADVANTAGE of a third party relay? Spammers can utilize the relay.
What benefit can you expect to get when implementing Single Sign-on? You can get system-wide permissions with it.
DAC (Discretionary Access Control) system operation is what? Each object has an owner which has full control over the object.
WAP programming model is based on what? Client, gateway, original server.
Sensitive data traffic can be confined to workstations on a specific subnet using privilege policy based tables in what type of hardware? Router
You are compiling estimates on how much money the company could lose if a risk occurred one time in the future. This represents what? SLE (Single Loss Expectancy)
At what type of an assessment would an auditor use to test systems for weakness and attempt to defeat existing encryption, passwords, and access lists? A penetration test.
What two functions does IPSec perform? Authentication Header (AH)Encapsulation Security Payload (ESP)
A security consideration that is introduced by a VPN when it passes through a firewall is what? A firewall can not inspect encrypted traffic.
Created by: uop2001