Help
Options
Didn't know it?
click below
click below
Knew it?
click below
click below
Don't Know
Remaining cards (0)
Know
retry
shuffle
restart
0:00
Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.
Normal Size Small Size show me how
Normal Size Small Size show me how
Security Plus Cert
Self Study for Comptia Security Plus
| Question | Answer |
|---|---|
| What are Ports 20/21 used for? | FTP |
| What is Port 22 used for? | Secure Shell (SSH) |
| What is Port 23 used for? | Telnet |
| What is Port 25 used for? | SMTP |
| What is Port 53 used for? | DNS |
| What is Port 69 used for? | TFTP |
| What is Port 80 used for? | HTTP |
| What is Port 88 used for? | Kerberos |
| What is Port 110 used for? | POP3 |
| What is Port 143 used for? | IMAP |
| What is Port 443 used for? | SSL/HTTPS |
| What are Ports 161/162 used for? | SNMP |
| What are Ports 137/138 used for? | NetBios |
| What is Port 995 used for? | pop3s |
| What is Port 1433 used for? | SQL |
| What type of audit can be used to determine if accounts have been established correctly and verify that privilege creep isn't occurring? | Privilege Audit |
| What kind of physical access device restricts access to a smaller number of individuals at one time? | Mantrap |
| A Voluntary set of Standards governing encryption | Public-Key Cryptography Standards |
| Protocol used to create a secure environment in a wireless network? | WEP |
| Internet Server interfaces with TCP/IP at which layer of the DOD model? | Process Layer |
| Which technology would allow you to establish a network connection between two LAN's using the internet? | L2TP |
| Design concept which limits access to systems from the outside users while protecting users and systems inside the LAN? | DMZ |
| In the Key Recovery Process, what key must be recoverable? | Previous Key |
| Which component of IDS collects Data? | Sensor |
| What is the process of making an operating system secure from attack called? | Hardening |
| The integrity objective addresses which characteristics of information security? | Verification that information is accurate. |
| Which mechanism is used by PKI to allow immediate verification of a certificates validity? | OCSP |
| _________ is the equivalent of a VLAN from a physical security perspective. | Partitioning |
| _________ is a Mechanism or process used to enable or disable access to a network resource based on IP address. | ACL |
| Program that exists promarily to propogate itself to other systems? | Worm |
| Type of Attack in which a person present themself at a location asking questions about server configurations? | Social Engineering |
| 123456 is an example of what? | Weak Passwords |
| What is a major security problem with FTP Servers? | User Id's and Passwords are unencrypted. |
| What system provides active protection and notification of security problems | IDS |
| A ________ __ _________ is a process of verifying the steps taken to maintain integrity of forensic evidence? | Chain of custody |
| Encryption process that uses one message to hide another? | Steganography |
| What dictates how systems are used in your organization? | Use Policy |
| Algorithm used to create a temporary secure session for the exchange of information? | KEA |
| What security standard would be best suited for use with PDA's in an asymmetric system? | ECC |
| What backup generally provides the fastest backup times? | Incremental |
| You are assigned a laptop with fingerprint scanner as part of your logon process, this is an example of what type of identity verification? | Biometric |
| Access control method primarily concerned with users role within the organization? | RBAC |
| _____________ is the process of investigating a computer system for clues to an event? | Computer Forensics |
| What is layer 7 of the OSI Model? | Application |
| What is Layer 6 of the OSI Model? | Presentation |
| What is Layer 5 of the OSI Model? | Session |
| What is Layer 4 of the OSI Model? | Transport |
| What is Layer 3 of the OSI Model? | Network |
| What is Layer 2 of the OSI Model? | Datalink |
| What is Layer 1 of the OSI Model? | Physical |
| How Many layers does the DOD Model have | four |
| An attack designed to overload a service or protocol? | Back Door |
| Is 192.168.0.10 an example of a Public or Private IP address? | Private |
| What protocal allows an organization to present a single tcp/ip address to the internet while utilizing private addressing on the internal LAN? | NAT |
| Name an authentication method that utilizes more than one authentication process at logon? | Multi-factor |
| What authentication method uses KDC to accomplish authentication for users, programs and systems? | Kerberos |
| How can you break a network into smaller private networks on the same wiring without being aware of each other? | VLAN |
| What technology allows for connection between two networks using a secure protocol? | Tunneling |
| What part of the design goals would involve determining who owns a particular file? | Accountability |
| The process of identifying the value of information or equipment in an organization? | Asset Identification |
| You are asked to do a presentation of threats your organization could face from hackers, thsi is an example of? | Risk Management |
| What authentication method presents credentials that are only valid during a single session? | Token |
| Attack which denies authorized users access to network resources? | DOS |
| Attack which uses more than one computer to attack a victim? | DDOS |
| An attack carried out by inserting a computer between two systems that are communicating? | Man-in-the-middle |
| ________ is an attack where an attacker attempts to use an ip address to replace another system in the network. | TCP/IP hijacking |
| A SMURF attack uses what protocol to conduct the attack? | ICMP |
| When examining your AntiVirus software you notice the definition file missing, what type of virus probably infected your system? | Retrovirus |
| Address 132.x.x.x is what Class of IP? | Class B |
| Address 10.2.1.27 is an example of? | Private IP address |
| Address 192.168.1.33 is what class of IP? | Class C |
| Address 127.0.0.10 is what class ip Address | Class A |
| System designed to allow attackers to break in | Honeypot |
| A Network Sniffer and _______ can be used to monitor a network for unauthorized activity. | NIDS |
| Which IDS function evaluates data collected from sensors | Analyzer |
| What protocol operates on 2.4GHZ and has a bandwidth of 1 Mbps oe 2 Mbps. | 802.11 |
| What protocol is mainly used to enable access to the internet from a mobile phone or PDA? | WAP |
| A primary vulnerability of wireless environments is ______________. | Site Survey |
| ______________ is the process of identifying a network and its security posture. | Footprinting |
| Wireless protocol considered equivilant to a wired network? | WPA2 |
| Process of formulating a reaction to a computer attack officially called? | Incident Response |
| When an event is detected when it is happening, it is being detected in ________. | Real Time |
| What is the process of disrupting an IM session called? | Jamming |
| Process of making an Operating System or Network Operating System environment more secure from attacks and intruders. | Hardening |
| ___________ is the process of establishing a standard for security. | Baselining |
| Lightweight Directory _______ Protocol | Access |
| Accurate Network time and ______ are required for correct operation of Kerberos? | Key Distribution Center |
| Content, URL's and Certificates are most likely to be _________ by Internet Filters. | Analyzed |
| A device for securing an internal network from traffic external to the segment? | NIPS |
| VPN implementations that consist of taking IPv6 security features and porting them to IPv4? | IPSEC |
| A user is assigned access rights based on their function within the organization. | RBAC |
| Malicious software that travels across computer networks without requiring a user to distribute the software? | WORM |
| __________ would be most important to have to ensure that a company will be able to recover in case of severe environmental trouble or destruction. | Disaster Recovery Plan |
| Task Based Control model | RBAC |
| Workstation or system that produces a challenge string that the user provides, when prompted, in conjunction with the proper PIN. | Challenge Response Systems |
| Algorithym that cannot be reversed in order to decode the data | One Way Function |
| Implement a procedure to control inbound and outbound traffic on a network segment | ACL |
| Freeware Forensics tools used to capture packet traffic from a network | TCPDump |
| Protocol that is not recommended due to them supplying passwords and information over the network? | SNMP |
| Must be installed for HTTPS to work properly on a web site? | Digital Certificate |
| WEP, Wired Equivalent Privacy, is a solution to provice security on a ______________. | Wireless Local Area Network. |
| Tunneling Protocol that can only works on IP networks because it requires IP coonnectivity. | PPTP |
| Attack that takes advantage of computers not fully updated with the most recent OS patches. | Software Exploitation |
| Secret Key Encryption is also known as | Symmetrical |
| Program allows user to execute code with a higher level of security than the user should have access to. | Privilege Escalation |
| The ultimate authority is called the | Root Certificate Authority |
| Why are clocks used in Kerberos authentication | Ensure Tickets Expire Correctly. |
| Message Authentication codes are used to provide which service | Integrity |
| Installable package that includes several patches from the same vendor for various applications | Service Pack |
| In order to secure web based communications, SSL uses Symmetric cryptography and ______. | Public-Key Cryptography |
| What is the best method for securing a web browser? | Disable all unused features of the web browser. |
| Document describing a group of expected minimum behavior in known as: | Code of Ethics |
| ________ could cause communication errors with ipsec VPN tunnel because of changes made to the IP header. | NAT |
| Backing up files and software that have changed since the last full or incremental backup. | Incremental |
| Authentication process where the user can access several resources without the need for multiple credentials? | Single Sign On |
| First action taken by an SSL enabled Server when a user c;icks to browse a secure page. | Server uses a digital certificate to identify itself to the browser. |
| WEP uses what type of stream ciphers | RC4 |
| Gateway to Gateway in needed to connect users via VPN when the VPN needs be to ______ to the users. | Transparent |
| A Web page becomes unresponsive whenever the embedded calendar control is used. What type of vulnerability is occurring? | Active X |
| SSL operates at which layer | Transport |
| An important component of good data retention policy is. | Offsite Storage. |
| A person walks into a secure room behind a group of people without providing credentials to gain access is what type of activity. | Tailgating |
| Connectivity required for a web server that is hosting an SSL based web site? | Port 443 Inbound |
| Trust Model that would allow each user to create and sign certificates for the people they know. | Web of Trust |
| Strict Environment for enforcing principles of need to know, separation of duties and least privilege. | Mandatory Access Control |
| Audit Log information is best protected by Access controls that restrict usage and _________. | Recording to write once media |
| Malicious code that enters a computer by means of freely distributed game that is installed and played is known as _____________ | Trojan Horse. |
| Programming Technique used to prevent buffer overflow. | Input Validation |
| PGP uses PKI trust model where no certificate authority is subordinate to another | Peer to Peer |
| Access Control Model that allows control determinations to be performed | MACS Method |
| Person enters pretending to be a repair technician and connects a sniffer to the network, this is an example of? | Social Engineeering |
| Terminology or concept that best describes MAC model. | Lattice |
| Password generator that uses a challenge response method for authentication | Synchronous password generator |
| Network Authentication Protocol the uses symmetric cryptography, stores a shared key for each network resource and usees Key Distribution Center? | Kerberos |
| Allows an administrator to find weak passwords on a network? | Password Generator |
| What is the process of deriving an encrypted value from a mathmatical process called? | hashing |
| Which govt agency has the primary responsibility of establishing government standards involving cryptography for general purpose government use? | NIST |
| The process of proposing a new standard or method on the internet is referred to by which acronym? | RFC |
| Protocol similar to SSL, but offers the ability to use additional security protocols? | TLS |
| What problem is created by centralized key generating process? | Key Transmission |
| Prevention of unauthorized disclosure of keys? | Access Control |
| What is the primary organization for maintaining certificates called? | CA |
| What is often used to revoke a certificate? | CRL |
| Which organization can be used to identify an individual for certificeate issue in a PKI environment? | LRA |
| Certificate policies describe how a certificate is _________. | Used |
| What is the process of storing keys for use by law enforcement caleld? | Key Escrow |
| Which protocol allows a certificates authenticity to be immediately verified? | OCSP |
| Which set of specifications is designed to allow XML-based programs access to PKI services? | XKMS |
| An attack based on the statistics probability of a match in a key base is referred to as? | birthday attack |
| What is the biggest security concern if your company uses public keys? | Integrity |
| Plan or Policy that determines how to relocate to an emergency site? | Disaster Recovery Plan |
| Type of Backup for the immediate recovery of a lost file? | Working Copy |
| System frequently has audit files/transaction logs that can be used for recovery? | Database |
| System backup that only backs up files since the last full or incremental backup? | Incremental |
| System Backup that backs up everything since the las full backup. | Differential |
| Which backup method uses a rotating schedule of backup media to ensure long term information storage? | Grandfather, Father, Son |
| Agreement between two organizations providing mutual use of facilities in the event of emergency? | Recipricol |
| The process of automatic switching from a malfunctioning system to another system. | Fail Over |
| Which RAID disk Technology is not fault tollerant? | RAID 0 |
| An agreement that outlines performance requirements for a vendor? | SLA |
| Vendor storing code for use by the customer in the event that it ceases business? | Code Escrow |
| Policy that defines how computer systems may be used within an organization? | Acceptable Use Policy |
| Policy which describes confidentiality of customre records? | Due Care |
| Policy dictates how an organization manages certificates? | Certificate Policy |
| Which process inspects procedures and verifies that they are working? | Audit |
| Which access model allows users flezxibility for information sharing? | DAC |
Created by:
1797603944
Popular Computers sets