dom1

446 terms by candwall 


Which of the following are denial of service attacks? (Select two.)

Salami

Smurf

Hijacking

Fraggle

Smurf and Fraggle

An attacker sets up 100 drone computers that flood a DNS server with invalid requests. This is an example of which kind of attack?

Replay

Backdoor

Denial of Service

Spamming

C

A SYN packet is received by a server. The SYN packet has the exact same address for both the sender and receiver addresses, which is the address of the server. This is an example of what type of attack?

Teardrop attack

SYN flood

Ping of death

Land attack

D

Which of the following is a form of denial of service attack that subverts the TCP three-way handshake process by attempting to open numerous sessions on a victim server but intentionally failing to complete the session by not sending the final required packet?

Ping of death

Session hijacking

Teardrop

SYN attack

D

Which of the following is a form of denial of service attack that uses spoofed ICMP packets to flood a victim with echo requests using a bounce/amplification network?

Session hijacking

Fingerprinting

Fraggle

Smurf

D

Which of the following is the most effective protection against IP packet spoofing on a private network?

Anti-virus scanners

Host-based IDS

Ingress and egress filters

Digital signatures

C

Which of the following is the most effective protection against IP packet spoofing on a private network?

Anti-virus scanners

Host-based IDS

Ingress and egress filters

Digital signatures

A

When a SYN flood is altered so that the SYN packets are spoofed in order to define the source and destination address as a single victim IP address, the attack is now called what?

Land attack

Fraggle attack

Analytic attack

Impersonation

A

A Smurf attack requires all but which of the following elements to be implemented?

Padded cell

Victim computer or network

Amplification or bounce network

Attacker system

A

Which of the following best describes the ping of death?

Sending multiple spoofed ICMP packets to the victim

Partial IP packets with overlapping sequencing numbers

An ICMP packet that is larger than 65,536 bytes

Redirecting echo responses from an ICMP communication

C

Which of the following could easily result in a denial of service attack if the victimized system had too little free storage capacity?

Replay attack

Spam

Sniffing

Impersonation

B

Network-based intrusion detection is most suited to detect and prevent which types of attacks?

Bandwidth-based denial of service

Buffer overflow exploitation of software

Brute force password attack

Application implementation flaw

A

As the victim of a Smurf attack, what protection measure is the most effective during the attack?

Blocking all attack vectors with firewall filters

Turning off the connection to the ISP

Communicating with your upstream provider

Updating your anti-virus software

C

What is the primary purpose of penetration testing?

Evaluate newly deployed firewalls

Assess the skill level of new IT security staff

Test the effectiveness of your security perimeter

Infiltrate a competitor's network

C

What is the most important task to perform when implementing vulnerability scanning?

Develop an activity plan

Collect the attack tools

Fingerprint the target systems

Get senior management approval

D

Which of the following uses hacking techniques to proactively discover internal vulnerabilities?

Inbound scanning

Reverse engineering

Intrusion Detection System (IDS)

Penetration testing

D

Which of the following types of penetration test teams will provide you information that is most revealing of a real-world hacker attack?

Split Knowledge team

Zero knowledge team

Full knowledge team

Partial knowledge team

B

Which phase or step of a security assessment is a passive activity?

Reconnaissance

Privilege escalation

Enumeration

Vulnerability mapping

A

When a penetration test is to be performed against an environment with senior management approval by a zero knowledge team, who needs to be informed of the impending attack?

Department managers

Senior staff

End users

Security staff

B

NetBus and Back Orifice are remote control tools. They allow you to connect to a remote system over a network and operate it as if you were sitting at its local keyboard. Unfortunately, these two programs are also examples of what type of security concern?

Packet sniffers

Viruses

IPSec filters

Backdoor trojans

D

What are the most common network traffic packets captured and used in a replay attack?

DNS query

File transfer

Authentication

Session termination

C

When a malicious user captures authentication traffic and replays it against the network later, what is the security problem you are most concerned about?

Spam

Denial of service

Bandwidth consumption

An unauthorized user gaining access to sensitive resources

D

When the TCP/IP session state is manipulated so that a third party is able to insert alternate packets into the communication stream, what type of attack has occurred?

Replay

Spamming

Masquerading

Hijacking

D

What is the goal of a TCP/IP hijacking attack?

Executing commands or accessing resources on a system the attacker does not otherwise have authorization to access

Destroying data

Preventing legitimate authorized access to a resource

Establishing an encryption tunnel between two remote systems over an otherwise secured network

A

Which of the following is an example of privilege escalation?

Separation of duties

Principle of least privilege

Mandatory vacations

Creeping privileges

D

A relatively new employee in the data entry cubicle farm was assigned a user account similar to that of all of the other data entry employees. However, audit logs have shown that this user account has been used to change ACLs on several confidential files and has accessed data in restricted areas. This situation indicates which of the following has occurred?

Privilege escalation

Man-in-the-middle attack

Social engineering

Smurf attack

A

What is the primary difference between impersonation and masquerading?

One is used against administrator accounts, the other against end user accounts

One is easily detected, the other is subtle and stealthy

One is a real-time attack, the other is an asynchronous attack

One is more active, the other is more passive

D

Capturing packets as they travel from one host to another with the intent of altering the contents of the packets is a form of which security concern?

Passive logging

Distributed denial of service

Spamming

Man-in-the-middle attack

D

Which of the following is the best countermeasure against man-in-the-middle attacks?

MIME e-mail

PPP

IPSec

UDP

C

Which of the following is not a countermeasure against dictionary attacks?

Using three or four different keyboard character types (i.e. lowercase, uppercase, numerals, and symbols)

Using short passwords

Avoiding industry acronyms

Avoiding common words

B

Which of the following attacks will typically take the longest amount of time to complete?

Brute force attack

Impersonation attack

Dictionary attack

Replay attack

A

Which of the following is most vulnerable to a brute force attack?

Two-factor authentication

Password authentication

Biometric authentication

Challenge-response token authentication

B

Which type of password attack employs a list of pre-defined passwords that it tries against a logon prompt or a local copy of a security accounts database?

Salami

Dictionary

Asynchronous

Brute force

B

Which of the following are denial of service attacks? (Select two.)

Salami

Fraggle

Smurf

Hijacking

FRAGGLE AND SMURF

Which of the following are denial of service attacks? (Select two.)

Salami

Fraggle

Smurf

Hijacking

A

Which of the following describes a man-in-the-middle attack?

A person over the phone convinces an employee to reveal their logon credentials.

An IP packet is constructed which is larger than the valid size.

A false server intercepts communications from a client by impersonating the intended server.

Malicious code is planted on a system where it waits for a triggering event before activating.

C

A router on the border of your network detects a packet with a source address that is from an internal client but the packet was received on the Internet-facing interface. This is an example of what form of attack?

Spoofing

Snooping

Spamming

Sniffing

A

A SYN packet is received by a server. The SYN packet has the exact same address for both the sender and receiver addresses, which is the address of the server. This is an example of what type of attack?

Teardrop attack

Land attack

SYN flood

Ping of death

B

Which is a form of attack that either exploits a software flaw or floods a system with traffic in order to prevent legitimate activities or transactions from occurring?

Denial of service attack

Man-in-the-middle attack

Privilege escalation

Brute force attack

A

Which of the following is a form of denial of service attack that subverts the TCP three-way handshake process by attempting to open numerous sessions on a victim server but intentionally failing to complete the session by not sending the final required packet?

Ping of death

Teardrop

SYN attack

Session hijacking

C

Which of the following is a form of denial of service attack that uses spoofed ICMP packets to flood a victim with echo requests using a bounce/amplification network?

Smurf

Session hijacking

Fraggle

Fingerprinting

A

In a variation of the brute force attack, an attacker may use a predefined list (dictionary) of commonly used usernames and passwords to gain access to existing user accounts. Which countermeasure best addresses this issue?

3DES Encryption

AES Encryption

A strong password policy

VLANs

C

What is spoofing?

Sending a victim unwanted and unrequested e-mail messages

Capturing network packets in order to examine the contents of communications

Changing or falsifying information in order to mislead or re-direct traffic

Spying into private information or communications

C

Why are brute force attacks always successful?

They can be performed in a distributed parallel processing environment

They are fast

They are platform independent

They test every possible valid combination

D

Dictionary attacks are often more successful when performed after what reconnaissance action?

Cutting the network cable

Site survey

ARP flooding

Social engineering

D

When an unauthorized intruder wishes to impersonate a legitimate client on your private network, which of the following actions will take place first?

Recording of incident by an IDS

Access violation

Spoofing

Sniffing

D

Which access control model manages rights and permissions based on job descriptions and responsibilities?

Task Based Access Control (TBAC)

Mandatory Access Control (MAC)

Discretionary Access Control (DAC)

Role Based Access Control (RBAC)

D

What does the Mandatory Access Control (MAC) method use to control access?

Sensitivity labels

Geographic location

Job descriptions

User accounts

A

Discretionary Access Control (DAC) manages access to resources using what primary element or aspect?

Age

Identity

Rules

Classification

B

Which of the following is an example of a single sign-on authentication solution?

Kerberos

Biometrics

RADIUS

Digital Certificates

A

Which of the following is not a characteristic of Kerberos?

End-to-end security

Symmetric key cryptography

Data Encryption Standard

Peer-to-peer relationships between entities

D

Which form of access control enforces security based on user identities and allows individual users to define access controls over owned resources?

DAC (Discretionary Access Control)

MAC (Mandatory Access Control)

RBAC (Role-based Access Control)

TBAC (Task-based Access Control)

A

What type of access control focuses on assigning privileges based on security clearance and data sensitivity?

TBAC (Task-based Access Control)

MAC (Mandatory Access Control)

RBAC (Role-based Access Control)

DAC (Discretionary Access Control)

B

What is another term for the type of logon credentials provided by a token device?

Biometric

One-time password

Two-factor authentication

Mutual authentication

B

Which of the following is the strongest form of multi-factor authentication?

A password and a biometric scan

Two-factor authentication

Two passwords

A password, a biometric scan, and a token device

D

What is mutual authentication?

A process by which each party in an online communication verifies the identity of the other party

The use of two or more authentication factors

Deploying CHAP and EAP on remote access connections

Using a CA (certificate authority) to issue certificates

A

Which of the following is not a form of biometric?

Retina scan

Token device

Face recognition

Fingerprint

B

What do biometrics use to perform authentication of identity?

Human characteristics

Ability to perform tasks

Possession of a device

Knowledge of passwords

A

Which of the following is a disadvantage of biometrics? (Choose two.)

They require time synchronization.

They can be circumvented using a brute force attack.

They have a potential for numerous false rejections.

Biometric factors for identical twins will be the same.

When used alone or solely, they are no more secure than a strong password.

C & E

Which form of authentication solution employs a hashed form of the user's password that has an added time stamp as a form of identity?

Certificates

Kerberos

Biometrics

Directory Service

B

What security mechanism uses a unique list for each object embedded directly in the object itself that defines which subjects have access to certain objects and the level or type of access allowed?

Hashing

User ACL

Kerberos

Mandatory access control

B

Which security mechanism describes valid pathways across a network that a packet can take and is used to juggle network traffic to provide the most efficient communications based upon current available knowledge of each path's status?

Firewall

Acceptable use policy

Network topology

Router ACL

D

Which of the following is a security mechanism that adds ACLs to individual ports?

TCP wrapper

IDS

Fingerprinting

Ping scanner

A

What is the most important aspect of a biometric device?

Accuracy

Throughput

Size of the reference profile

Enrollment time

A

What is the mandatory access control equivalent to the discretionary access control mechanism known as the principle of least privilege?

Separation of duties

Need to know

Clearance

Ownership

B

Need to know is required to access what types of resources?

High-security resources

Compartmentalized resources

Low-security resources

Resources with unique ownership

B

In what form of access control environment is access controlled by rules rather than by identity?

Most client-server environments

Discretionary access control (DAC)

Access control lists (ACLs)

Mandatory access control (MAC)

D

What form of access control is based on job descriptions?

Mandatory access control (MAC)

Role-based access control (RBAC)

Location-based access control (LBAC)

Discretionary access control (DAC)

B

Passwords submitted during logon can be encrypted using which of the following?

TCP Wrappers

L2TP (Layer Two Tunneling Protocol)

CHAP (Challenge Handshake Authentication Protocol)

Certificates

C

RADIUS (Remote Authentication Dial-In User Service) is primarily used for what purpose?

Managing RAID fault-tolerant drive configurations

Managing access to a network over a VPN

Pre-authenticating remote clients before access to the network is granted

Controlling entry gate access using proximity sensors

C

Which of the following remote access authentication technologies allows for the use of multi-factor authentication?

TACACS+ (Terminal Access Controller Access Control System Plus)

SLIP (Serial Line Interface Protocol)

L2F (Layer 2 Forwarding Protocol)

PPTP (Point to Point Tunneling Protocol)

RADIUS (Remote Authentication and Dial-In User Service)

A

Which of the following is most important to include in a security policy?

Callback must be caller defined

All dial-up connections must use PAP

Only 56K modems should be used

No active modems while connected directly to the LAN

D

The presence of unapproved modems on desktop systems gives rise to the LAN being vulnerable to which of the following?

Masquerading

Social engineering

Packet sniffing

War dialing

D

Which of the following methods can be used to secure modem-based remote access connections? (Select two.)

Callback

War dialing

Caller ID

Reverse PBX

A & C

Which remote access authentication protocol periodically and transparently re-authenticates during a logon session by default?

Certificates

PAP

CHAP

EAP

C

What is the RFC that modern day RADIUS was first based on?

RFC 1087

RFC 2138

RFC 1492

RFC 1918

B

A VPN (Virtual Private Network) is used primarily for what purpose?

Support the distribution of public Web documents

Allow remote systems to save on long distance charges

Allow the use of network-attached printers

Support secured communications over an untrusted network

D

CHAP (Challenge Handshake Authentication Protocol) performs which of the following security functions?

Links remote systems together

Protects usernames

Periodically verifies the identity of a peer using a three-way handshake

Allows the use of biometric devices

C

Which type of activity changes or falsifies information in order to mislead or re-direct traffic?

Spoofing

Sniffing

Spamming

Snooping

A

What is modified in the most common form of spoofing on a typical IP packet?

Protocol type field value

Destination address

Hash total

Source address

D

Which of the following is the most effective protection against IP packet spoofing on a private network?

Host-based IDS

Ingress and egress filters

Digital signatures

Anti-virus scanners

B

What is the most widely deployed VPN technology?

TCP/IP (Transmission Control Protocol/Internet Protocol)

IPSec (Internet Protocol Security)

RADIUS (Remote Authentication Dial-in User Service)

PPTP (Point to Point Tunneling Protocol)

B

Which VPN protocol typically employs IPSec as its data encryption mechanism?

L2F (Layer 2 Forwarding Protocol)

L2TP (Layer 2 Tunneling Protocol)

PPTP (Point to Point Tunneling Protocol)

PPP (Point to Point Tunneling Protocol)

B

PPTP (Point to Point Tunneling Protocol) is quickly becoming obsolete because of what VPN protocol?

L2F (Layer 2 Forwarding Protocol)

L2TP (Layer 2 Tunneling Protocol)

TACACS (Terminal Access Controller Access Control System)

SLIP (Serial Line Interface Protocol)

B

Telnet is inherently insecure because its communications are in plain text and easily intercepted. Which of the following is an acceptable alternative to Telnet?

SHTTP (Secure Hypertext Transfer Protocol)

SLIP (Serial Line Interface Protocol)

SSH (Secure Shell)

Remote Desktop

C

IPSec, unlike most security protocols, functions at what layer of the OSI model?

Application (Layer 7)

Session (Layer 5)

Network (Layer 3)

Data Link (Layer 2)

C

Which statement best describes IPSec when used in tunnel mode?

Packets are routed using the original headers, only the payload is encrypted

The identities of the communicating parties are not protected

The entire data packet, including headers, is encapsulated

IPSec in tunnel mode may not be used for WAN traffic

C

S/FTP (Secure FTP) uses which mechanism to provide security for authentication and data transfer?

SSL (Secure Sockets Layer)

Token devices

IPSec (Internet Protocol Security)

Multi-factor authentication

A

Which of the following is likely to be located in a DMZ (demilitarized zone) or a buffer subnet?

Domain controller

User workstations

Backup server

FTP server

D

FTP (File Transfer Protocol) and NNTP (Network News Transport Protocol) can both be secured using which of the following?

ICMP (Internet Control Message Protocol)

SLIP (Serial Line Interface Protocol)

SNMP (Simple Network Management Protocol)

SSL (Secure Sockets Layer)

D

Which of the following is the best device to deploy to protect your private network from a public untrusted network?

Hub

Router

Firewall

Gateway

C

A multi-homed firewall offers what advantage?

Protecting your trusted network even if the DMZ is compromised

Providing adequate bandwidth even when attacked by a Denial of Service attack

Supporting your company's e-commerce traffic

Providing an efficient system to distribute files to external users

A

Routers operate at what level of the Open System Interconnect model?

Layer 2

Network layer

Transport layer

Layer 5

B

Which of the following is a type of coaxial cable?

10Base5

10BaseT

UTP

STP

A

What category (CAT) level of UTP cable is rated to support 100 Mbps of throughput at a maximum distance of 100 meters?

CAT3

CAT4

CAT5

CAT7

C

The twisting of wire pairs within 10BaseT wiring is a countermeasure against?

Eavesdropping

Attenuation

Termination

Crosstalk

D

What is the primary difference between STP and UTP?

Number of wires within the cable

Number of twists per inch

Foil

Throughput capability

C

Which type of cable is most resistant to tapping and eavesdropping?

10Base2

10BaseT

Fiber optic

ThickNet

C

A virtual LAN can be created using which of the following?

Router

Gateway

Switch

Hub

C

Which of the following is not one of the ranges of IP addresses defined in RFC 1918 that are commonly used behind a NAT server?

176.16.0.0 - 172.31.255.255

192.168.0.0 - 192.168.255.255

10.0.0.0 - 10.255.255.255

169.254.0.0 - 169.254.255.255

D

Which of the following is not a benefit of NAT?

Improving the throughput rate of traffic

Hiding the network infrastructure from external entities

Using fewer public IP addresses

Preventing traffic initiations from outside the private network

A

Which of the following drive configurations is fault-tolerant?

RAID 5

Expanded volume set

RAID 0

Disk striping

A

Which of the following is considered a backdoor?

An unattended active workstation

An entry gate with a broken lock

The CON port on the back of a router

A weak password

C

Of the following security zones, which one can serve as a buffer network between a private secured network and the untrusted Internet?

Extranet

Intranet

Padded Cell

DMZ

D

Which of the following is a privately controlled portion of a network that is accessible to some specific external entities?

Intranet

Extranet

Internet

MAN

B

Which of the following protocols is most likely to be used when connecting into an extranet?

HTTP

IPSec

MPPP

NetBIOS

B

Which of the following can be defined as a WAN to support VPNs?

DMZ

Extranet

Internet

Intranet

C

A SYN attack or a SYN flood exploits or alters which element of the TCP three-way handshake?

ACK

FIN or RES

SYN

SYN/ACK

A

Which of the following is not an effective or reasonable safeguard to implement on network clients in order to reduce the risk of virus infection?

Scan e-mail attachments

System isolation

Disable removable drives

User behavior modification

B

Which IEEE standard defines the technologies used in wireless LAN networking?

802.11

802.3

802.8

802.5

A

In an organization that employs WEP (Wired Equivalent Privacy) to control access to WAP (Wireless Access Points), what is a significant vulnerability that must be repeatedly looked for?

Brute force login attacks

Unauthorized access points

Eavesdropping

War driving

B

On wireless networks, which technology is employed to provide the same type of protection that cables provide on a wired network?

WEP (Wired Equivalent Privacy)

SSL (Secure Sockets Layer)

L2TP (Layer 2 Tunneling Protocol)

TACACS (Terminal Access Controller Access Control System)

WPP (Wireless Protection Protocol)

A

WEP (Wired Equivalent Privacy) should be deployed for what purpose?

Prevent denial of service attacks by bandwidth consuming NICs

Restrict use of wireless access points

Extend the effective range of a wireless network

Managing network resource inventory

B

All of the 802.11x standards for wireless networking support which type of communication path sharing technology?

CSMA/CD (Carrier Sense Multiple Access with Collision Detection)

CSMA/CA (Carrier Sense Multiple Access with Collision Avoidance)

Polling

Token passing

B

Which of the following is not an example of wireless networking communications?

2.4GHz radio waves

DSL

Infrared

802.1x

B

What is the primary use of tunneling?

Protecting passwords

Supporting private traffic through a public communication medium

Improving communication throughput

Deploying thin clients on a network

B

Which of the following is not a VPN tunnel protocol?

IPSec

RADIUS

L2TP

PPTP

B

Which of the following is not a VPN tunnel protocol?

IPSec

RADIUS

L2TP

PPTP

A

When a SYN flood is altered so that the SYN packets are spoofed in order to define the source and destination address as a single victim IP address, the attack is now called what?

Land attack

Analytic attack

Impersonation

Fraggle attack

A

The primary security feature that can be designed into a network's infrastructure to protect and support availability is?

Switches instead of hubs

Redundancy

Fiber optic cables

Periodic backups

B

What is the IEEE standard for Bluetooth?

802.5

802.11

802.16

802.15

D

From a corporate perspective, which of the following security services is usually the most important?

Redundancy

Confidentiality

Availability

Non-repudiation

C

A Smurf attack requires all but which of the following elements to be implemented?

Attacker system

Amplification or bounce network

Padded cell

Victim computer or network

C

Which of the following best describes the ping of death?

Sending multiple spoofed ICMP packets to the victim

An ICMP packet that is larger than 65,536 bytes

Partial IP packets with overlapping sequencing numbers

Redirecting echo responses from an ICMP communication

B

What is the primary security vulnerability of networking systems using 802.11 technology as opposed to non-802.11 networks?

Denial of service

Eavesdropping

Limited bandwidth

Replay attacks

B

The process of walking around an office building with an 802.11 signal detector is known as what?

War dialing

War driving

Driver signing

Daemon dialing

B

Which of the following could easily result in a denial of service attack if the victimized system had too little free storage capacity?

Impersonation

Sniffing

Replay attack

Spam

D

You've just received an e-mail message that indicates a new serious malicious code threat is ravaging across the Internet. The message contains detailed information about the threat, its source code, and the damage it can inflict. The message states that you can easily detect whether or not you have already been a victim of this threat by the presence of three files in the /Windows/System32 folder. As a countermeasure, the message suggests that you delete these three files from your system to prevent further spread of the threat.
What should your first action based on this message be?

Delete the indicated files if present

Distribute the message to everyone in your address book

Perform a complete system backup

Reboot the system

Verify the information on well-known malicious code threat management Web sites

E

What is the most common type of host-based intrusion detection system (IDS)?

Honey pots or padded cells

Anti-virus software

Firewalls

Penetration or vulnerability testing

B

Which of the following common network monitoring or diagnostic activities can be used as a passive malicious attack?

Sniffing

Logic bombs

Packet capture, edit, and re-transmission

Denial of service

A

Network-based intrusion detection is most suited to detect and prevent which types of attacks?

Bandwidth-based denial of service

Brute force password attack

Buffer overflow exploitation of software

Application implementation flaw

A

Which IDS method searches for intrusion or attack attempts by recognizing patterns or identities listed in a database?

Signature-based

Anomaly analysis-based

Heuristics-based

Stateful inspection-based

A

What is the most common form of host-based IDS that employs signature or pattern matching detection methods?

Motion detectors

Anti-virus software

Firewalls

Honey pots

B

What do host-based intrusion detection systems often rely upon to perform their detection activities?

Remote monitoring tools

Host system auditing capabilities

External sensors

Network traffic

B

A honey pot is used for what purpose?

To entrap intruders

To disable an intruder's system

To prevent sensitive data from being accessed

To delay intruders in order to gather auditing data

D

What actions can a typical passive Intrusion Detection System (IDS) take when it detects an attack? (Select two.)

LAN-side clients are halted and removed from the domain

An alert is generated and delivered via e-mail, the console, or an SNMP trap

The IDS configuration is changed dynamically and the source IP address is banned

The IDS logs all pertinent data about the intrusion

B & D

Which of the following activities are considered passive in regards to the functioning of an intrusion detection system? (Choose two.)

Transmitting FIN or RES packets to an external host

Disconnecting a port being used by a zombie

Monitoring the audit trails on a server

Listening to network traffic

C & D

An active IDS system often performs which of the following actions? (Select two.)

Perform reverse lookups to identify an intruder

Trap and delay the intruder until the authorities arrive

Request a second logon test for users performing abnormal activities

Update filters to block suspect traffic

A & D

Which of the following is a security service that monitors network traffic in real time or reviews the audit logs on servers looking for security violations?

Switch

Padded cell

Firewall

IDS

D

What is the best and only means to provide security for Internet-based e-mail communications?

Strong ACLs on client systems

Message encryption

Auditing e-mail activity

Delivery receipts

B

Which of the following is the least effective protection against zero day malicious code?

User education

Blocking e-mail attachments

Anti-virus software

Using hashing to check file changes

C

What security mechanism can be used to detect attacks originating on the Internet or from within an internal trusted subnet?

Biometric system

Security alarm

IDS

Firewall

C

As the victim of a Smurf attack, what protection measure is the most effective during the attack?

Blocking all attack vectors with firewall filters

Communicating with your upstream provider

Updating your anti-virus software

Turning off the connection to the ISP

B

Which of the following is not a protection against session hijacking?

DHCP reservations

Anti IP spoofing

Time stamps

Packet sequencing

A

Which of the following is the best protection against security violations?

Fortress mentality

Bottom up decision making

Defense in depth

Monolithic security

C

Which of the following is the best protection against security violations?

Fortress mentality

Bottom up decision making

Defense in depth

Monolithic security

B

Which of the following is not a means to perform secure fax transmissions?

Always send a cover page with CONFIDENTIAL boldly displayed.

Use a fax machine that is capable of cryptographic transmission.

Only send faxes to organizations that do not automatically print received documents in a public location.

Employ an encrypted telephone line.

A

Which of the following is the least secure activity when performing voice communications?

Using a VOIP system

Using your cell phone while in a public place

Using an encrypted PBX

Using a cell phone with a PKI SID card

B
