Busy. Please wait.

show password
Forgot Password?

Don't have an account?  Sign up 

Username is available taken
show password


Make sure to remember your password. If you forget it there is no way for StudyStack to send you a reset link. You would need to create a new account.
We do not share your email address with others. It is only used to allow you to reset your password. For details read our Privacy Policy and Terms of Service.

Already a StudyStack user? Log In

Reset Password
Enter the associated with your account, and we'll email you a link to reset your password.

Remove ads

COMPTIA Security + 5

Quiz yourself by thinking what should be in each of the black spaces below before clicking on it to display the answer.

What step in the SSL protocol allows for client and server authentication, MAC, and encryption algorithm negotiation, and selection of cryptographic keys?   SSL handshake protocol  
Example of a physical access barrier could be what?   Security guard  
“Due Care” is what?   Policies and procedures intended to reduce the likelihood of damage or injury.  
You discover a lock on the window of an office adjacent to the server room broken. You tell the resident of that office. You do NOT follow up to see if it has been fixed. What affect will this have on the likelihood of a threat?   If the window is not repaired, the likelihood of the threat will increase.  
Providing false information about the source of an attack is known as?   Spoofing  
In order for User A to send User B an e-mail message that only User B can read, User A must encrypt the e-mail with what?   User B’s public key  
When a cryptographic system’s keys are no longer needed, the keys should be?   Destroyed or stored in a secure manner.  
Access controls that are created and administered by the data owner are considered?   DACs (Discretionary Access Control)  
When a string of data is sent to a buffer that is larger than the buffer was designed to handle is an?   Buffer overflow  
One way to limit hostile sniffing on a LAN is by installing what type of hardware device?   Ethernet switch  
An attacker manipulates what field of an IP packet in an IP spoofing attack?   Source address field  
The term cold site refers to what?   A location to begin operations during disaster recovery.  
In decentralized privilege management, user accounts are stored on what?   Individual servers  
Most certificates used for authentication are based on what standard?   X.509v3  
An administrator notices an e-mail server is currently relaying e-mail for any e-mail server requesting relaying. Upon further investigation the administrator notices the existence of /etc/mail/relay domains. What modifications should the administrator   Delete the * entry in the relay domain file and restart the e-mail process.  
An application that appears to perform a useful function but instead contains some sort of malicious code is called?   Trojan Horse  
A piece of code that appears to do something useful while performing a harmful and unexpected function like stealing passwords is?   Trojan Horse  
What program is able to distribute itself without using a host file?   Worm  
A piece of malicious code that can replicate itself has no productive purpose and exist only to damage computer systems or create further vulnerabilities is called?   Worm  
An autonomous agent that copies itself into one or more host programs, then propagates when the host is run, is best described as a what?   Virus  
A program that can infect other programs by modifying them to include a version of it self is a what?   Virus  
User A needs to send a private e-mail to User B. User A doesn’t want anyone to have the ability to read the e-mail except User B, thus retaining privacy. What tenet of info security is User A using?   Confidentiality  
What kind of attack is a type of security breach to a computer that doesn’t usually result in the theft of information or other security loss, but the lack of legitimate use of that system?   DOS  
Computer forensics experts collect and analyze data using what to minimize data loss?   Chain of custody  
What is typically included in a CRL (Certificate Revocation List)?   Certificates that have been disabled before their scheduled expiration.  
What are three characteristics of a computer virus?   Replication mechanism, activation mechanism, and objective.  
Forensic procedures must be followed exactly to ensure the integrity of data obtained in an investigation. When making copies of data from a machine that isbeing examined, what task should be done to ensure it is an exact duplicate?   Perform a cyclic redundancy check using a checksum or hashing algorithm.  
In responding to incidents such as security breaches, one of the most important steps taken is?   Containment  
You are explaining SSL to junior administrators and come up to the topic of handshaking. How many steps are employed between the client and server in the SSL handshake process?   6  
One of the factors that influence the life span of a public key certificate and its associated keys is the?   Value of data being protected.  
A network attack that misuses TCP’s three way handshake to overload serversand deny access to legitimate users is called?   SYN flood  
If a private key becomes compromised before its certificate normal expiration, X.509 defines a method requiring each CA (Certification Authority) to periodically issue a signed data structure called what?   Revocation list  
SSL session keys are available in what two lengths?   40-bit and 128-bit  
You are researching the ARO and need to find specific data that can be used forrisk assessment. What will you use to find the information?   Insurance companies  


Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.

  Normal Size     Small Size show me how
Created by: uop2001