Terms in this set (166)
Software or hardware that checks information coming from the Internet and, depending on the applied configuration settings, either blocks it or allows it to pass through is called:
A device designed to forward data packets between networks is called:
Allowing a connection through a firewall is known as creating:
A network device designed for managing the optimal distribution of workloads across multiple computing resources is called:
The last default rule on a firewall is to:
deny all traffic
A computer network service that allows clients to make indirect network connections to other network services is called:
Which of the terms listed below refers to a security solution implemented on an individual computer host monitoring that specific system for malicious activities or policy violations?
One of the measures for securing networking devices includes:
the practice of disabling unused ports
Which of the following ensures the privacy of a VPN connection?
Which of the following answers refers to a dedicated device for managing secure connections established over an untrusted network, such as the internet?
Which of the following acronyms refers to a network or host based monitoring system designed to automatically alert administrators of known or suspected unauthorized activity?
A software tool used for monitoring and examining contents of the network traffic is known as:
packet sniffer or protocol analyzer
Which of the following answers lists the protocol and port number used by a spam filter?
Which of the following acronyms refers to a network security solution combining the functionality of a firewall with additional safeguards such as URL filtering, content inspection, or malware inspection?
URL filtering restricts access to Internet sites based on:
Which of the following network security solutions inspects network traffic in real-time and has the capability to stop the ongoing attack?
Which of the following acronyms refers to a firewall controlling access to a web server?
Which of the answers listed below refers to a set of rules that specify which users or system processes are granted access to objects as well as what operations are allowed on a given object?
Which of the following actions can be taken by passive IDS?
logging and sending an alert
802.1x is an IEEE standard defining:
port-based network access control
An access control model in which access to resources is granted or denied depending on Access Control List (ACL) entries is also known as:
rule-based access control
A type of IDS that relies on the previously established baseline of normal network activity in order to detect intrusion is known as:
behavior or heuristic
Which of the following security solutions provides a countermeasure against a denial-of-service attack characterized by an increasing number of half-open connections?
Which of the protocols listed below protects against switching loops?
A type of IDS that relies on known attack patterns to detect an intrusion is known as:
Which of the following policies applies to any requests that fall outside the criteria defined in an ACL?
Implicit deny policy
A lightly protected subnet placed on the outside of the company's firewall consisting of publicly available servers is known as:
Which part of the 192.168.1.5/24 address identifies its network ID?
Which of the following refers to a solution allowing companies to cut costs related to the managing of internal calls?
A solution that allows making phone calls over a broadband Internet connection instead of typical analog telephone lines is known as:
255.255.255.224 is what kind of subnet mask?
What type of system can be compromised through phreaking?
Which of the following terms refers to a logical grouping of computers that allows computer hosts to act as if they were attached to the same broadcast domain, regardless of their physical location?
Which security measure is in place when a client is denied access to the network due to outdated antivirus software?
Which of the following terms refers to a technology that allows multiple operating systems to work simultaneously on the same hardware?
A security stance whereby a host is granted/denied permissions based on its actions after it has been provided with access to the network is known as:
Which of the following solutions is used to hide the internal IP addresses by modifying IP address information in the IP packet headers while in transit across a traffic routing device?
VLAN membership can be sent through:
trunk port, physical address, and MAC address
In which of the cloud computing infrastructure types do clients, instead of buying all the hardware and software, purchase computing resources as an outsourced service from suppliers who own and maintain all the necessary equipment?
Which of the following cloud services types would provide the best solution for a web developer intending to create a web app?
A cloud computing infrastructure type where applications are hosted over a network (typically Internet) eliminating the need to install and run the software on the customer's own computers is called:
A concept of effective security posture employing multiple tools and different techniques to slow down an attacker is known as:
layered security and defense in depth
Which of the IPsec modes provides entire packet encryption:
Which protocol is used in network management systems for monitoring network-attached devices?
Which of the following protocols transmits data in an unencrypted form?
SNMPv1, FTP, and Telnet
A group that consists of SNMP devices and one or more SNMP managers is known as:
SNMP community
Which of the following protocols was designed as a secure replacement for Telnet?
A system used to convert a computer's host name into an IP address on the Internet is known as:
DNS database AAAA record identifies:
Which of the following protocols are used for securing HTTP connections?
SSL and TLS
Which of the answers listed below refers to a suite of protocols used for connecting hosts on the Internet?
What is an extension of FTP that adds support for the TLS and SSL cryptographic protocols?
The SCP protocol is used for:
secure file transfer
Which of the protocols listed below is used by the PING utility?
Which of the following answers lists the IPv6 loopback address?
A network standard for linking data storage devices over an IP network is known as:
Which of the protocols listed below facilitate communication between SAN devices?
iSCSI and FCoE
The FTP protocol is designed for:
A network protocol for secure file transfer over SSH is called:
Which of the protocols does not provide authentication?
Which of the following protocols was designed as a secure replacement for Telnet?
FTP runs by default on ports:
20 and 21
Which of the protocols listed below run on port 22:
SSH, SCP, SFTP
Port number 23 is used by:
Which of the following TCP ports is used by SMTP:
DNS runs on port:
HTTP traffic can be established by opening port:
Which of the following ports enable retrieving email messages from a remote server:
110 and 143
Which of the port numbers are used by NetBIOS?
IMAP runs on TCP port:
Which of the following TCP ports is used by HTTPS:
Which of the answers listed below refers to the default port number for a Microsoft-proprietary remote connection protocol:
Which of the following protocols operates at layer 3 of the OSI model?
IPsec, IPv6, IPv4, and ICMP
In the OSI model, TCP resides at the:
Which of the following wireless encryption schemes offers the highest level of protection?
Which of the wireless security protocols listed below has been deprecated in favor of newer standards due to known vulnerabilities?
Which of the answers listed below refers to an authentication framework frequently used in wireless networks and point-to-point connections?
A network access control method whereby the 48-bit address assigned to each network card is used to determine access to the network is known as:
A wireless name is also referred to as:
Which of the following protocols was introduced to strengthen existing WEP implementations without requiring the replacement of legacy hardware?
Disabling SSID broadcast:
makes a WLAN harder to discover
Which of the protocols listed below encapsulates EAP within an encrypted and authenticated TLS tunnel:
AES-based encryption mode implemented in WPA2 is known as:
An optimal WAP antenna placement provides a countermeasure against:
war driving and site survey
Which of the following WAP configuration settings allows for adjusting the boundary range of the wireless signal?
power level controls
Which of the answers listed below refers to a solution allowing administrators to block Internet access for users until they perform required action?
Which of the following antenna types would provide the best coverage for workstations connecting to a WAP placed in a central point of a typical office?
omnidirectional and non-directional
Which of the answers listed below refers to wireless site survey?
Which of the following examples falls into the category of technical security controls?
Antivirus software identifying a non-malicious file as a virus due to a faulty virus signature file is an example of:
false positive error
Which of the examples listed below falls into the category of operational security controls:
Which of the following terms refers to a situation where no alarm is raised when an attack has taken place:
A policy outlining ways of collecting and managing personal data is known as:
Which of the following acronyms refers to a set of rules enforced in a network that restrict the use to which the network may be put?
One way to mitigate the occurrence of fraudulent activity within the company is to enforce:
mandatory vacations policy
Which of the answers listed below refers to a concept of having more than one person required to complete a given task?
separation of duties
A security rule that prevents users from accessing information and resources that lie beyond the scope of their responsibilities is known as:
principle of least privilege
Which of the following acronyms refers to a risk assessment formula defining probable financial loss due to a risk over a one-year period?
Single Loss Expectancy = Asset Value (AV) x Exposure Factor (EF). The _________ refers to the impact of the risk over the asset, or percentage of asset lost when a specific threat is realized.
Which of the following terms is used to describe the loss of value to an asset based on a single security incident?
An estimate based on the historical data of how often a threat would be successful in exploiting a vulnerability is known as:
Which of the answers listed below refers to the correct formula for calculating probable financial loss due to a risk over a one-year period?
ALE = ARO x SLE
Which of the following terms is used to describe the average time required to repair a failed component or device?
High _________ value indicates that a component or system provides high reliability and is less likely to fail.
A calculation of the Single Loss Expectancy (SLE) is an example of:
quantitative risk assessment
Assessment of risk probability and its impact based on subjective judgement falls into the category of:
qualitative risk assessment
A path or tool allowing an attacker to gain unauthorized access to a system or network is known as:
In quantitative risk assessment, this term is used for estimating the likelihood of occurrence of a future threat:
Contracting out a specialized technical component when the company's employees lack the necessary skills is an example of:
Disabling certain system functions or shutting down the system when risks are identified is an example of:
Which of the answers listed below exemplifies an implementation of risk transference methodology?
Which of the following terms relates closely to the concept of residual risk?
What type of risk management strategy is in place when accessing the network involves a login banner warning designed to inform a potential attacker of the likelihood of getting caught?
Which of the following security control types can be used in implementing a risk mitigation strategy?
technical, management and operational
Which of the terms listed below refers to one of the hardware-related disadvantages of the virtualization technology?
single point of failure
Which of the following acronyms refers to a maximum tolerable period of time required for restoring business functions after a failure or disaster?
___________ is the targeted duration of time and a service level within which a business process must be restored after a disaster in order to avoid unacceptable consequences associated with a break in business continuity.
An agreement between a service provider and the user defining the nature, availability, quality, and scope of the service to be provided is known as:
Which of the following answers refers to a key document governing the relationship between two business organizations?
A document established between two or more parties to define their respective responsibilities in accomplishing a particular goal or mission is known as:
Which of the answers below refers to an agreement established between the organizations that own and operate connected IT systems to document the technical requirements of the interconnection?
Which of the following functionalities allows a DLP system to fulfill its role?
In forensic procedures, a sequence of steps in which different types of evidence should be collected is known as:
order of volatility
In forensic procedures, a chronological record outlining persons in possession of evidence is referred to as:
chain of custody
Which of the following answers lists an example order of volatility for a typical computer system?
Memory dump, temporary files, disk files, archival media
An exact copy of the entire state of a computer system is called:
In forensic analysis, taking hashes ensures that the collected evidence retains:
Which of the following security controls provides confidentiality:
encryption and steganography
Steganography allows for:
hiding data within another piece of data
Which of the following security controls provides integrity:
hashing, digital signatures, and non-repudiation
What is the purpose of non-repudiation:
preventing someone from denying that they have taken specific action
Which of the following answers refers to a general term used to describe software designed specifically to damage or disrupt the operation of a computer system:
What is adware:
software that displays advertisements
A computer program containing a malicious segment that attaches itself to an application program or other executable component is called:
Malicious software collecting information about users without their knowledge / consent is called:
Which of the following answers refers to malicious software performing unwanted and harmful actions under the guise of a legitimate and useful program?
Software that cannot be clearly classified as malware is referred to as:
What is the function of Windows Defender software:
Protection against spyware and other potentially unwanted software
A collection of software tools used by a hacker in order to mask intrusion and obtain administrator-level access to a computer or computer network is known as:
Which of the following answers refers to an undocumented way of gaining access to a program, online service, or an entire computer system:
Malicious code activated by a specific event is known as:
A group of computers running malicious software under control of a hacker is referred to as:
Malware that restricts access to a computer system by encrypting files or locking the entire system down until the user performs requested action is known as:
The process by which malicious software changes its underlying code to avoid detection is called:
A type of virus that takes advantage of various mechanisms specifically designed to make tracing, disassembling, and reverse engineering its code more difficult is known as:
Which of the following is an example of active eavesdropping?
Which of the following attacks uses multiple compromised computer systems against its target?
A ___________ occurs when an attacker intercepts user credentials and tries to use this information later for gaining unauthorized access to resources on a network.
Which of the following authentication protocols offers countermeasures against replay attacks?
IPsec, Kerberos, and CHAP
An email sent from an unknown source disguised as a source known to the message receiver is an example of:
Which of the following answers apply to a smurf attack?
IP spoofing, DDoS, and Large amount of ICMP echo replies
A fraudulent email requesting its recipient to reveal sensitive information used later by an attacker for the purpose of identity theft is an example of:
phishing and social engineering
Unsolicited messages received over an instant messaging system are known as:
The practice of using a telephone system to manipulate a user into disclosing confidential information is called:
Phishing scams targeting selected individuals/groups of users are referred to as:
Which of the answers listed below apply to an xmas attack?
port scan and DoS attack
Which of the following answers list the characteristics of pharming:
DNS poisoning and domain spoofing
The DNS service is used for translating:
domain names into IP addresses
Which of the following answers refers to a DNS poisoning attack?
Address Resolution Protocol (ARP) translates:
IP addresses into MAC addresses and network layer addresses into link layer addresses
Which of the following exploits takes advantage of spoofed MAC address?
Which of the following password attacks requires the most computing power?
brute force attack
Which of the following password attacks takes advantage of a predefined list of words?
_____________ are lookup tables used to speed up the process of password guessing.
Which of the following answers refers to the contents of a rainbow table entry?
hash / password
The term ____________ refers to the practice of registering misspelled domain names closely resembling other well-established and popular domain names in hopes of getting Internet traffic from users who make errors while typing the web address in their browsers.