Sec+

Security + Flash Cards

| Question | Answer |
| --- | --- |
| You are preparing to deploy a Web site. The Web site uses dynamically generated Web pages based on user input. This is a requirement for the application running on the site. You need to design the site to prevent cross-site scripting attacks. You need to choos | Implement user input validation. |
| You discover that when network users attempt to navigate to your company's public Web site, they are being redirected to a different Web site. This is an example of what type of attack? | DNS poisoning |
| You are designing network access control so that remote users are limited to accessing the network during normal business hours only. Policies regarding user access apply to all users. This is an example of what type of access control? | Rule-based access control |
| A HIDS that recognizes possible attacks by monitoring attempts to make unauthorized changes to files is an example of what kind of monitoring methodology? | Behavior-based |
| What protocol is used to encrypt e-mail messages for transmission and delivery? | Secure Multipurpose Internet Mail Extension (S/MIME) |
| You want to create a document that describes what types of things employees are permitted to do regarding e-mail and Web usage. | Acceptable use policy |
| You are looking for ways to protect data on a network. Your solution should: * Provide for easy backup of all user data. * Minimize risk of physical data theft. * Minimize the impact of the failure of any one file server. Which solution should you use? | Use file servers attached to an NAS system. Lock the file servers and NAS in a secure area. |
| You suspect that an attacker is sending damaged packets into your network as a way to compromise your firewall. You need to collect as much information about network traffic as possible. What should you use? | Protocol analyzer |
| You are designing a secure application environment. You need to ensure that data is kept as secure as possible. You need to select the strictest access control model. What access control model should you use? | You should use the mandatory access control (MAC) model. |
| You need to determine if intermittent spikes in network activity are related to an attempt to breach the network. You need to identify exactly when the activity is occurring and what type of traffic is causing the activity. What should you do? | Use a protocol analyzer. |
| Why should you require the sender to digitally sign sensitive e-mail messages? | To provide for nonrepudiation. To validate the sender. |
| Which environmental control is part of TEMPEST compliance? | Shielding |
| Your office is TEMPEST-compliant. This prevents what potential risk? | Using a cell phone to access unauthorized Web sites. |
| What should you do first if you discover a rogue AP on your LAN? | Immediately disconnect the rogue AP from your network. |
| The process of logging onto a network with a user name and password is an example of which of the following? | Authentication |
| Your network is protected from the Internet by a firewall. You are concerned about potential risks in the firewall protection. What should you do? | Scan the firewall's incoming ports with a port scanner. |
| In a PKI system, what is the role of a private key? | Data decryption |
| Your network administrator backs up the server by using an incremental backup strategy. He uses 7 tapes, one tape per day, and he performs the backup at the end of each business day. He does a full backup on Friday and Tuesday and an incremental on the ot | 2 |
| You need to encrypt the contents of a USB flash drive. Which type of encryption should you use? | Advanced Encryption Standard (AES) is a symmetric key encryption algorithm. |
Created by: mylovelybekah