Busy. Please wait.
or

show password
Forgot Password?

Don't have an account?  Sign up 
or

Username is available taken
show password

why


Make sure to remember your password. If you forget it there is no way for StudyStack to send you a reset link. You would need to create a new account.
We do not share your email address with others. It is only used to allow you to reset your password. For details read our Privacy Policy and Terms of Service.


Already a StudyStack user? Log In

Reset Password
Enter the associated with your account, and we'll email you a link to reset your password.

Remove ads
Don't know
Know
remaining cards
Save
0:01
To flip the current card, click it or press the Spacebar key.  To move the current card to one of the three colored boxes, click on the box.  You may also press the UP ARROW key to move the card to the "Know" box, the DOWN ARROW key to move the card to the "Don't know" box, or the RIGHT ARROW key to move the card to the Remaining box.  You may also click on the card displayed in any of the three boxes to bring that card back to the center.

Pass complete!

"Know" box contains:
Time elapsed:
Retries:
restart all cards




share
Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.

  Normal Size     Small Size show me how

Security Plus 5

COMPTIA Security + 5

QuestionAnswer
What step in the SSL protocol allows for client and server authentication, MAC, and encryption algorithm negotiation, and selection of cryptographic keys? SSL handshake protocol
Example of a physical access barrier could be what? Security guard
“Due Care” is what? Policies and procedures intended to reduce the likelihood of damage or injury.
You discover a lock on the window of an office adjacent to the server room broken. You tell the resident of that office. You do NOT follow up to see if it has been fixed. What affect will this have on the likelihood of a threat? If the window is not repaired, the likelihood of the threat will increase.
Providing false information about the source of an attack is known as? Spoofing
In order for User A to send User B an e-mail message that only User B can read, User A must encrypt the e-mail with what? User B’s public key
When a cryptographic system’s keys are no longer needed, the keys should be? Destroyed or stored in a secure manner.
Access controls that are created and administered by the data owner are considered? DACs (Discretionary Access Control)
When a string of data is sent to a buffer that is larger than the buffer was designed to handle is an? Buffer overflow
One way to limit hostile sniffing on a LAN is by installing what type of hardware device? Ethernet switch
An attacker manipulates what field of an IP packet in an IP spoofing attack? Source address field
The term cold site refers to what? A location to begin operations during disaster recovery.
In decentralized privilege management, user accounts are stored on what? Individual servers
Most certificates used for authentication are based on what standard? X.509v3
An administrator notices an e-mail server is currently relaying e-mail for any e-mail server requesting relaying. Upon further investigation the administrator notices the existence of /etc/mail/relay domains. What modifications should the administrator Delete the * entry in the relay domain file and restart the e-mail process.
An application that appears to perform a useful function but instead contains some sort of malicious code is called? Trojan Horse
A piece of code that appears to do something useful while performing a harmful and unexpected function like stealing passwords is? Trojan Horse
What program is able to distribute itself without using a host file? Worm
A piece of malicious code that can replicate itself has no productive purpose and exist only to damage computer systems or create further vulnerabilities is called? Worm
An autonomous agent that copies itself into one or more host programs, then propagates when the host is run, is best described as a what? Virus
A program that can infect other programs by modifying them to include a version of it self is a what? Virus
User A needs to send a private e-mail to User B. User A doesn’t want anyone to have the ability to read the e-mail except User B, thus retaining privacy. What tenet of info security is User A using? Confidentiality
What kind of attack is a type of security breach to a computer that doesn’t usually result in the theft of information or other security loss, but the lack of legitimate use of that system? DOS
Computer forensics experts collect and analyze data using what to minimize data loss? Chain of custody
What is typically included in a CRL (Certificate Revocation List)? Certificates that have been disabled before their scheduled expiration.
What are three characteristics of a computer virus? Replication mechanism, activation mechanism, and objective.
Forensic procedures must be followed exactly to ensure the integrity of data obtained in an investigation. When making copies of data from a machine that isbeing examined, what task should be done to ensure it is an exact duplicate? Perform a cyclic redundancy check using a checksum or hashing algorithm.
In responding to incidents such as security breaches, one of the most important steps taken is? Containment
You are explaining SSL to junior administrators and come up to the topic of handshaking. How many steps are employed between the client and server in the SSL handshake process? 6
One of the factors that influence the life span of a public key certificate and its associated keys is the? Value of data being protected.
A network attack that misuses TCP’s three way handshake to overload serversand deny access to legitimate users is called? SYN flood
If a private key becomes compromised before its certificate normal expiration, X.509 defines a method requiring each CA (Certification Authority) to periodically issue a signed data structure called what? Revocation list
SSL session keys are available in what two lengths? 40-bit and 128-bit
You are researching the ARO and need to find specific data that can be used forrisk assessment. What will you use to find the information? Insurance companies
Created by: uop2001