Security+ 401 Prep Q

Security+ 401 Prep questions

Question [Answer]
What is it called when a hole is found in a web browser or other software and attackers begin exploiting it the very day it is discovered by the developer (bypassing the 1-2 day response time many software providers need to put out a patch once the hole has been found)? [Zero-day exploit]
When the user enters values that query XML (known as XPath) with values that take advantage of exploits, what is it known as? [XML injection attack]
What is the technology of blocking websites (or sections of websites) based solely on the URL? [URL filtering]
What is it known as when you combine phishing with Voice over IP (VoIP)? [Vishing]
What is the term used for someone being so close to you when you enter a building that they are able to come in right behind you without needing to use a key, a card, or any other security device? [Tailgating]
Phishing or spear phishing, but for big users instead of lower-access individuals, is known as what? [Whaling]
What type of malware are software programs that have the ability to hide certain things from the operating system? [Rootkits]
What type of social engineering attack involves going through the trash looking for notes on paper? [Dumpster diving]
What type of attack is a form of redirection in which traffic intended for one host is sent to another? [Pharming]
What type of virus attacks your system in multiple ways (infecting your boot sector, infecting all of your executable files, and destroying your application files) in the hope that you won't be able to correct all of the problems and will allow the infestation to continue? [Multipartite virus]
What type of attack is the ping of death? [Denial of service; either DoS, or DDoS, depending on the number of computers involved]
What is software running on zombie computers often known as? [Botnet]
What type of attack exploits the troubleshooting and developer hooks (that often circumvented normal authentication) that were left in a system by those who created it? [Backdoor attack]
What type of virus will change form in order to avoid detection? [Polymorphic]
What two protocols does HTTP/S use for connection security, and what TCP port does it operate on by default? [HTTP/S uses SSL (Secure Sockets Layer) or TLS (Transport Layer Security) and port 443.]
What type of attack uses IP spoofing and broadcasting to send a ping to a group of hosts in a network? [Smurf attack]
What do you call a computer that has been designated as a target for computer attacks? [Honeypot]
What component of an IDS collects data from the data source and passes it to the analyzer for analysis? [Sensor]
What hardware device is used to create remote access VPNs? [VPN concentrator]
What is a VLAN? [A virtual local area network (VLAN) allows you to create groups of users and systems and segment them on the network.]
What allows a transport protocol to be sent across the network and used by the equivalent service or protocol at the receiving host? [Encapsulation]
What are the four most common security zones you will likely encounter? [Internet, intranet, extranet, and DMZ (demilitarized zone)]
What technology allows you to take any single physical device and hide its characteristics from users, in essence allowing you to run multiple items on one device and make them appear as if they are standalone entities? [Virtualization]
What is ARO? [Annualized rate of occurrence is the likelihood, often drawn from historical data, of an event occurring within a year.]
What are five risk strategies? [Risk avoidance, risk transference, risk mitigation, risk deterrence, and risk acceptance]
What are events that aren't really incidents but trigger the same alarms known as? [False positives]
What does SLE x ARO equal? [ALE. The single loss expectancy, when multiplied by the annual rate of occurrence, equals the annual loss expectancy.]
What type of planning outlines those internal to the organization who have the ability to step into positions when they open? [Succession planning]
What is an agreement between you (or your company) and a service provider (typically a technical support service provider) known as? [Service-level agreement (SLA)]
What is the name for the area of an application that is available to users, both those who are authenticated and, more importantly, those who are not? [Attack surface]
What is the measurement of how long it takes to repair a system or component once a failure occurs? [MTTR (mean time to repair/restore)]
What is bluejacking? [Bluejacking is the sending of unsolicited messages over a Bluetooth connection.]
What type of testing involves trying to get access to your system from an attacker's perspective? [Penetration testing]
Nessus is one of the better-known examples of what type of security tool? [Vulnerability scanner]
What is the gaining of unauthorized access through a Bluetooth connection known as? [Bluesnarfing]
What type of filtering is based on the physical ID of each workstation? [MAC filtering]
What are the three types of cloud computing implementation? [Platform as a Service, Software as a Service, and Infrastructure as a Service]
If the interconnection between the WAP server and the Internet isn't encrypted, packets between the devices may be intercepted. What is this vulnerability known as? [A gap in the WAP]
IPv4, while widely used, has limitations. What is replacing it? [IPv6]
What feature is built into many firewalls to tweak the tolerance for unanswered login attacks and reduce the likelihood of a successful DoS/DDoS attack? [Flood guard]
What type of IDS system uses algorithms to analyze the traffic passing through the network? [A heuristic system]
What is multifactor authentication? [An authentication method that uses two or more access methods]
Retinal scans and thumbprint readers are examples of what type of authentication? [Biometric authentication]
What is the port number for Simple Mail Transport Protocol (SMTP)? [25]
What is the port number for Trivial File Transfer Protocol (TFTP)? [69]
What is the port number for Post Office Protocol 3 (POP3)? [110]
What are the port numbers for FTP? [20 and 21]
Name two types of attacks based on a TCP sequence number. [Man-in-the-middle attack and TCP/IP hijacking]
What port does PPTP use? [TCP 1723]
What port does L2TP use? [UDP 1701]
What does LDAP stand for? [Lightweight Directory Access Protocol, which is used in Microsoft's Active Directory]
What is S/FTP? [A secure form of FTP accomplished using the Secure Shell (SSH)]
Which type of network firewall is typically the easiest to configure and the fastest in operation? [A packet filter network firewall]
What network media is the most susceptible to RF interference and eavesdropping? [Wi-Fi]
Why are removable media, such as flash drives and DVDs, a security concern? [Removable media can be a source of data theft or a point of virus infection.]
SHA and MD are two standards of what? [Hashing]
What is required for nonrepudiation? [An asymmetric algorithm and digital signatures]
What is the minimum number of keys used for PKI? [Two]
You're looking for evidence of activity on the network that might have led to a malicious act. Where should you search first? [The log files]
What tool does a hacker commonly use to look for an avenue of entry through a router or a firewall? [A port scanner]
What root server or organization is responsible for issuing and maintaining certificates? [The certificate authority (CA)]
What do you call a certificate infrastructure that has intermediate certificate servers that directly handle requests for certificates on behalf of the CA root server? [The registration authority (RA) and local registration authority (LRA)]
What is the standard on which PKI certificates are based? [X.509 v3 is the certificate standard.]
Where does physical security come into play in a certificate system? [The root certificate or the server issuing it should be kept under lock and key. In a distributed system, the CA server can be taken offline and locked away.]
If a certificate is compromised, what is one of the first steps that should be taken? [The certificate should be put on the Certificate Revocation List (CRL).]
What is the difference between a certificate suspension and certificate revocation? [Suspension places the certificate on hold without permanently revoking it. It can be put back into service without being reissued. A revocation is permanent.]
In disaster recovery, a hot site would be preferred to a cold site. What technique could be used to make an affordable hot site available? [You could use an existing branch office and then add the infrastructure, servers, and offsite backup that would allow it to act as a hot site.]
Why would you use network tools to simulate an attack? [You could use them to test network vulnerability.]
Should SNMP and SNMP traps be logged? [Yes. SNMP messages and SNMP traps can record valuable information regarding a network's condition.]
Under mandatory access control, can a creator/owner (who isn't an administrator) of a resource set the permissions on the resource? [No. Under mandatory access control (MAC), only the administrator can set the permissions. Users and owners have limited freedom and the system determines the access based on the mandatory rules.]
What is Blowfish? [Blowfish is a symmetric block cipher that can use variable-length keys.]
A logic bomb is a program inserted into a system. It's set to activate when a logical condition exists at some later time. What is the most common vehicle used to insert a logic bomb? [An explicit internal user act or a virus designed to plant the logic bomb]
List four of the principal components of PKI. [CA, RA, RSA, and digital certificates]
The permission access that grants the most restrictive access to a user while allowing them to do their work is known as what? [Least privilege]
What does IDS stand for? [Intrusion detection system]
Applying patches, updates, and service packs; eliminating unneeded services and protocols; and closing ports on a server are all examples of what? [Server and NOS hardening]
Give an example of DHCP server hardening. [Leasing IP addresses only to clients with reservations based on a MAC address]
Would using fiber optics as opposed to UTP be considered hardening? [Yes]
On what part of the network should public web servers be placed? [The DMZ]
List some of the common types of servers that you might find on a DMZ. [Web, mail, and DNS]
Having your main database server on a DMZ isn't secure. However, if your web server needs current data that is contained on that database server, what are two of your options? [You can configure a second DB server on the DMZ and periodically replicate data to it from the main DB server on the LAN, and you can also have the web server request data from the internal DB server.]
Is implementing RAID-5 a method for providing high availability? What is another term for this? [Yes; fault tolerance]
Not giving restore permission to the person with backup permission is an example of what? [Separation of duties]
What malicious attack can a hacker initiate with a buffer overflow? [The hacker can execute a code attack in the leftover shell of a program with system privileges.]
What port would you close to prevent Telnet attacks? [Port 23]
Creating an account named Administrator, giving the account no rights or permissions, and setting up auditing on the account is an example of what? [A good security policy and the creation of a honeypot]
True or False: In a banking transaction system such as that done at an ATM, nonrepudiation is very important. [True]
What is DNS? [The Domain Name Service used to relate domain names to IP addresses]
Documentation and the chain of custody are important when you're collecting evidence. What else is important? [The preservation of evidence and using care not to alter or taint the evidence]
Where are revocation lists maintained? [On a CA server]
An individual pretending to be a network administrator calls a user in the company to confirm their username and password. This is an example of what type of attack? [Social engineering]
MD2, MD4, and MD5 are all examples of what? [Hashing algorithms]
What type of security involves the protection of your assets and information from physical access by unauthorized personnel? [Physical security]
Which type of security includes access control, authentication, and security topologies after network installation is complete? [Operational security]
What type of policies lay out guidelines and expectations for upgrades, monitoring, backups, and audits? [Administrative policies]
What is the difference between DoS and DDoS attacks? [A DDoS attack uses multiple computers, all focused on one target. A DoS attack uses a single computer to attack a target.]
What are two popular spoofing attacks today? [IP spoofing and DNS spoofing]
What is a security baseline used for? [The baseline provides the input needed to design, implement, and support a secure network.]
What is a mantrap? [A room, area, or device that requires visual identification, as well as authentication, to gain access. Mantraps are usually designed to retain an unauthorized person until authorities arrive.]
What is a security zone? [An area in a building where access is individually monitored and controlled]
Created by: Jbrissette