Cloned from: Sec+ Cert
Which of the following protects the confidentiality of data by making the data unreadable to those who don’t have the correct key? A  Hashing B  Digital signatures C  Encryption D  Non-repudiation
C  Encryption  
Most current encryption schemes are based on: A  Digital right management B  Time stamps C  Randomizing D  Algorithms
D  Algorithms
The IPSec Security Association is managed by: A  ESP B  ISAKMP C  IEEE D  AH
B  ISAKMP
Which of the following types of cryptography is typically used to provide an integrity check? A  Public Key B  Asymmetric C  Symmetric D  Hash
D  Hash
Message authentication codes are used to provide which service? A  Integrity B  Fault recovery C  Key recovery D  Acknowledgement
A  Integrity
A user has a sensitive message that needs to be sent via email. The message needs to be protected from interception. Which of the following should be used when sending the email? A  Digital signatures B  Social engineering C  Encryption D  Non-repudiation
C  Encryption
Which of the following refers to the ability to be reasonably certain that data is not disclosed to unintended persons? A  Non-repudiation B  Integrity C  Authentication D  Confidentiality
D  Confidentiality
While surfing the internet a user encounters a pop-up window that prompts the user to download a browser plug-in. The pop-up window is a certificate which validates the identity of the plug-in developer. Which of the following BEST describes this type of certificate? A  Software publisher certificate B  Web certificate C  Certificate Authority (CA) certificate D  Server certificate
A  Software publisher certificate
Which of the following describes a type of algorithm that cannot be reversed in order to decode the data?
B  One Way Function
The MOST common Certificate Server port required for secure web page access is port: A  25 B  80 C  443 D  446
C  443
Secret Key encryption is also known as: A  Symmetrical B  Replay C  One way function D  Asymmetrical
A  Symmetrical
A public key __________ is a pervasive system whose services are implemented and delivered using public key technologies that include Certificate Authority (CA), digital certificates, non-repudiation, and key history management. A  Cryptography scheme B  Distribution authority C  Exchange D  Infrastructure
D  Infrastructure
Which of the following are types of certificate-based authentication? (Select TWO) A  Many-to-one mapping B  One-to-one mapping C  One-to-many mapping D  Many-to-many mapping
A  Many-to-one mapping B  One-to-one mapping
Which of the following would be an example of a high-availability disk technology? A  Load balancing B  Clustering C  RAID D  Remote access
C  RAID
The ability to log on to multiple systems with the same credentials is typically known as: A  Decentralized management B  Single sign-on C  Role Based Access Control (RBAC) D  Centralized management
B  Single sign-on
The FIRST step in risk identification would be to identify: A  Assets B  Costs C  Threats D  Vulnerabilities.
A  Assets
Which of the following would be MOST important to have to ensure that a company will be able to recover in case of severe environmental trouble or destruction? A  Disaster recovery plan B  Alternate sites C  Offsite storage D  Fault tolerant systems
A  Disaster recovery plan
During a live response to an unauthorized access, a forensics specialist executes a command on the computer being investigated. Which of the following commands would be used to display the current network connections on the local computer? A  NETSTAT B  IPCONFIG/IFCONFIG C  nmap D  NETCAT
A  NETSTAT
Documentation describing a group's expected minimum behavior is known as: A  The need to know B  Acceptance usage C  The separation of duties D  A code of ethics
D  A code of ethics
An important component of a good data retention policy is: A  Backup software licensing B  Offsite storage C  Magnetic media sorting D  Server drive redundancy
B  Offsite storage
A company has implemented a policy stating that users will only receive access to the systems needed to perform their job duties. This is an example of: A  Separation of duties B  Least privilege C  Concurrent session control D  Access control
B  Least privilege
A company’s new employees are asked to sign a document that describes the methods of and purposes for accessing the company’s IT systems. Which of the following BEST describes this document? A  Policy Act of 1974 B  Authorized Access Policy C  Due diligence form D  Acceptable Use Policy
D  Acceptable Use Policy
A company has a complex multi-vendor network consisting of UNIX, Windows file servers and database applications. Users report having too many passwords and that access is too difficult. Which of the following can be implemented to mitigate this situation? A  Biometric authentication B  Multifactor authentication C  User Groups D  Single sign-on
D  Single sign-on
Which of the following is the BEST place to obtain a hotfix or patch for an application or system? A  An email from the vendor B  A newsgroup or forum C  The manufacturer’s website D  A CD-ROM
C  The manufacturer’s website
Which of the following is a suppression method for a Class C fire? A  Water B  Soda acid C  Dry powder D  Carbon Dioxide (CO2)
D  Carbon Dioxide (CO2)
Communication is important to maintaining security because communication keeps: A  The network bandwidth usage under control B  The user community informed of threats C  Law enforcement informed of what is being done D  The IT security budget justified
B  The user community informed of threats
To aid in preventing the execution of malicious code in email clients, which of the following should be done by the email administrator? A  Spam and anti-virus filters should be used B  Regular updates should be performed C  Preview screens should be disabled D  Email client features should be disabled.
A  Spam and anti-virus filters should be used
A user receives an email asking the user to reset the online banking username and password. The email contains a link and when the user accesses the link, the URL that appears in the browser does not match the link.  This would be an example of: A  Spoofing B  Phishing C  Hijacking D  Redirecting
B  Phishing
Which of the following types of publicly accessible servers should have anonymous logins disabled to prevent an attacker from transferring malicious data? A  FTP B  Email C  Web D  DNS
A  FTP
CGI scripts are susceptible to which of the following types of attacks? A  Buffer overflows B  SQL injection C  Cross site scripting D  DNS spoofing
C  Cross site scripting
In addition to bribery and forgery, which of the following are the MOST common techniques that attackers use to socially engineer people?  (Select TWO) A  Phreaking B  Dumpster diving C  Whois search D  Flattery E  Assuming a position of authority
D  Flattery E  Assuming a position of authority
Audit logs must contain which of the following characteristics? A  Authorization B  Confidentiality C  Non-repudiation D  Accessibility
C  Non-repudiation
Which of the following would be an easy way to determine whether a secure web page has a valid certificate? A  Right click on the lock at the bottom of the browser and check the certificate information. B  Contact Thawte or Verisign and ask about the web page C  Contact the web page’s master D  Ensure that the web URL starts with ‘https://’
A  Right click on the lock at the bottom of the browser and check the certificate information.
 Which of the following remote access processes is BEST described as matching user supplied credentials with those previously stored on a host server? A  Authentication B  Accounting C  Authorization D  Association
A  Authentication
A software or hardware device that allows only authorized network traffic in or out of a computer or network is called a: A  Firewall B  Packet sniffer C  Honeypot D  Anti-virus program
A  Firewall
When reviewing traces from an IDS, the following entries are observed.
Date     Time     Source IP        Destination IP    Port    Type
10/21    0900     192.168.5.2      10.10.2.1         20      SYN
10/21    0915     192.168.5.2      10.10.2.1         21      SYN
10/21    0920     192.168.5.2      10.10.2.1         23      SYN
10/21    0930     192.168.5.2      10.10.2.1         25      SYN
Which of the following is MOST likely occurring? A  Denial of Service (DoS) B  Port scanning C  SYN Flood D  Expected TCP/IP traffic
B  Port scanning
Which of the following types of attacks is BEST described as an attacker capturing part of a communication and later sending that communication segment to the server while pretending to be the client? A  TCP/IP hijacking B  Replay C  Back door D  Man in the middle
A  TCP/IP hijacking  
A security specialist for a large distributed network with numerous divisions is selecting an access control model.  Employees in the human resources division need access to personnel information but not production data and operations employees need access to production data only.  Which of the following access control models would be MOST appropriate? A  Discretionary Access Control (DAC) B  Rule Based Access Control (RBAC) C  Mandatory Access Control (MAC) D  Role Based Access Control (RBAC)
D  Role Based Access Control (RBAC)
Malicious code that enters a target system, lays dormant until a user opens the certain program then deletes the contents of attached network drives and removable storage devices is known as a: A  Worm B  Trojan horse C  Logic bomb D  Honeypot.
C  Logic bomb
A programming mechanism used to allow administrative access while bypassing the usual access control method is known as a: A  Logic bomb B  Software exploit C  Trojan horse D  Back door.
D  Back door.
Which of the following network authentication protocols uses symmetric key cryptography, stores a shared key for each network resource and uses a Key Distribution Center (KDC)? A  RADIUS B  TACACS+ C  Kerberos D  PKI
C  Kerberos
Which of the following authentication methods requires that the client authenticate itself to the server and the server authenticate itself to the client? A  Username/password B  Multifactor C  Biometric D  Mutual
D  Mutual
The risks of social engineering can be decreased by implementing: (Select TWO) A  Security awareness training B  Risk assessment policies C  Operating systems patching instructions D  Vulnerability testing techniques E  Identity verification methods
A  Security awareness training
E  Identity verification methods
Which of the following is an inherent flaw of Discretionary Access Control (DAC) relating to security? A  DAC relies on the identity of the user or process, leaving room for a Trojan horse. B  DAC relies on certificates, allowing attackers to use those certificates C  DAC does not rely on the identity of a user, allowing anyone to use an account D  DAC has no known security flaws
A  DAC relies on the identity of the user or process, leaving room for a Trojan horse.
Which of the following access control models uses subject and object labels? A  Mandatory Access Control (MAC) B  Role Based Access Control (RBAC) C  Rule Based Access Control (RBAC) D  Discretionary Access Control (DAC)
A  Mandatory Access Control (MAC)
A task-based control model is an example of which of the following? A  Role Based Access Control (RBAC) B  Discretionary Access Control (DAC) C  Rule Based Access Control (RBAC) D  Mandatory Access Control (MAC)
A  Role Based Access Control (RBAC)
Which of the following access decisions are based on a Mandatory Access Control (MAC) environment? A  Access control lists B  Ownership C  Group membership D  Sensitivity labels
D  Sensitivity labels
Reusing a ticket, as a replay attack, in Kerberos authentication will not be successful because the tickets: A  Are encrypted B  Use a token C  Are time stamped D  Are digitally signed
C  Are time stamped
Audit log information can BEST be protected by: (Select TWO) A  Using a VPN B  An IDS C  Access controls that restrict usage D  An intrusion prevention system (IPS) E  Recording to write-once media F  A firewall that creates an enclave
C  Access controls that restrict usage
E  Recording to write-once media
Which of the following methods of password guessing typically requires the longest attack time? A  Rainbow B  Birthday C  Dictionary D  Brute Force
D  Brute Force