Shared Flashcard Set

Details

Security + Comptia 301
288 Questions, Multiple Choice
80
Computer Science
12th Grade
02/27/2013

Cards

Term
A password history value of three means which of the following?
A. Three different passwords are used before one can be reused.
B. A password cannot be reused once changed for three years.
C. After three hours a password must be re-entered to continue.
D. The server stores passwords in the database for three days.
Definition
A
Term
In order to provide flexible working conditions, a company has decided to allow some employees
remote access into corporate headquarters. Which of the following security technologies could be
used to provide remote access? (Select TWO).
A. Subnetting
B. NAT
C. Firewall
D. NAC
E. VPN
Definition
C,E
Term
Which of the following is the BEST approach to perform risk mitigation of user access control
rights?
A. Conduct surveys and rank the results.
B. Perform routine user permission reviews.
C. Implement periodic vulnerability scanning.
D. Disable user accounts that have not been used within the last two weeks.
Definition
B
Term
Which of the following devices is BEST suited for servers that need to store private keys?
A. Hardware security module
B. Hardened network firewall
C. Solid state disk drive
D. Hardened host firewall
Definition
A
Term
All of the following are valid cryptographic hash functions EXCEPT:
A. RIPEMD.
B. RC4.
C. SHA-512.
D. MD4.
Definition
B
Term
Which of the following can prevent an unauthorized person from accessing the network by
plugging into an open network jack?
A. 802.1x
B. DHCP
C. 802.1q
D. NIPS
Definition
A
Term
A targeted email attack sent to Sara, the company’s Chief Executive Officer (CEO), is known as
which of the following?
A. Whaling
B. Bluesnarfing
C. Vishing
D. Dumpster diving
Definition
A
Term
After verifying that the server and database are running, Jane, the administrator, is still unable to
make a TCP connection to the database. Which of the following is the MOST likely cause for this?
A. The server has data execution prevention enabled
B. The server has TPM based protection enabled
C. The server has HIDS installed
D. The server is running a host-based firewall
Definition
D
Term
In regards to secure coding practices, why is input validation important?
A. It mitigates buffer overflow attacks.
B. It makes the code more readable.
C. It provides an application configuration baseline.
D. It meets gray box testing standards.
Definition
A
Term
Which of the following is a best practice before deploying a new desktop operating system image?
A. Install network monitoring software
B. Perform white box testing
C. Remove single points of failure
D. Verify operating system security settings
Definition
D
Term
Which of the following steps should follow the deployment of a patch?
A. Antivirus and anti-malware deployment
B. Audit and verification
C. Fuzzing and exploitation
D. Error and exception handling
Definition
B
Term
Which of the following would be used when a higher level of security is desired for encryption key
storage?
A. TACACS+
B. L2TP
C. LDAP
D. TPM
Definition
D
Term
A security administrator needs to determine which system a particular user is trying to login to at
various times of the day. Which of the following log types would the administrator check?
A. Firewall
B. Application
C. IDS
D. Security
Definition
D
Term
If Pete, a security administrator, wants to ensure that certain users can only gain access to the
system during their respective shifts, which of the following best practices would he implement?
A. Separation of duties
B. Time of day restrictions
C. Implicit deny rule
D. Least privilege
Definition
B
Term
Which of the following MUST be updated immediately when an employee is terminated to prevent
unauthorized access?
A. Registration
B. CA
C. CRL
D. Recovery agent
Definition
C
Term
A small business owner has asked the security consultant to suggest an inexpensive means to
deter physical intrusions at their place of business. Which of the following would BEST meet their
request?
A. Fake cameras
B. Proximity readers
C. Infrared cameras
D. Security guards
Definition
A
Term
Employee badges are encoded with a private encryption key and specific personal information.
The encoding is then used to provide access to the network. Which of the following describes this
access control type?
A. Smartcard
B. Token
C. Discretionary access control
D. Mandatory access control
Definition
A
Term
Which of the following devices would MOST likely have a DMZ interface?
A. Firewall
B. Switch
C. Load balancer
D. Proxy
Definition
A
Term
A security administrator is observing congestion on the firewall interfaces and a high number of
half open incoming connections from different external IP addresses. Which of the following attack
types is underway?
A. Cross-site scripting
B. SPIM
C. Client-side
D. DDoS
Definition
D
Term
Which of the following tools would Matt, a security administrator, MOST likely use to analyze a
malicious payload?
A. Vulnerability scanner
B. Fuzzer
C. Port scanner
D. Protocol analyzer
Definition
D
Term
Which of the following application security testing techniques is implemented when an automated
system generates random input data?
A. Fuzzing
B. XSRF
C. Hardening
D. Input validation
Definition
A
Term
Which of the following can be used by a security administrator to successfully recover a user’s
forgotten password on a password protected file?
A. Cognitive password
B. Password sniffing
C. Brute force
D. Social engineering
Definition
C
Term
A security administrator wants to check user password complexity. Which of the following is the
BEST tool to use?
A. Password history
B. Password logging
C. Password cracker
D. Password hashing
Definition
C
Term
Certificates are used for: (Select TWO).
A. client authentication.
B. WEP encryption.
C. access control lists.
D. code signing.
E. password hashing.
Definition
A,D
Term
Which of the following is a hardware based encryption device?
A. EFS
B. TrueCrypt
C. TPM
D. SLE
Definition
C
Term
Which of the following BEST describes a protective countermeasure for SQL injection?
A. Eliminating cross-site scripting vulnerabilities
B. Installing an IDS to monitor network traffic
C. Validating user input in web applications
D. Placing a firewall between the Internet and database servers
Definition
C
Term
Which of the following BEST describes a common security concern for cloud computing?
A. Data may be accessed by third parties who have compromised the cloud platform
B. Antivirus signatures are not compatible with virtualized environments
C. Network connections are too slow
D. CPU and memory resources may be consumed by other servers in the same cloud
Definition
A
Term
Which of the following MOST interferes with network-based detection techniques?
A. Mime-encoding
B. SSL
C. FTP
D. Anonymous email accounts
Definition
B
Term
A certificate authority takes which of the following actions in PKI?
A. Signs and verifies all infrastructure messages
B. Issues and signs all private keys
C. Publishes key escrow lists to CRLs
D. Issues and signs all root certificates
Definition
D
Term
Use of a smart card to authenticate remote servers remains MOST susceptible to which of the
following attacks?
A. Malicious code on the local system
B. Shoulder surfing
C. Brute force certificate cracking
D. Distributed dictionary attacks
Definition
A
Term
Separation of duties is often implemented between developers and administrators in order to
separate which of the following?
A. More experienced employees from less experienced employees
B. Changes to program code and the ability to deploy to production
C. Upper level management users from standard development employees
D. The network access layer from the application access layer
Definition
B
Term
A security administrator needs to update the OS on all the switches in the company. Which of the
following MUST be done before any actual switch configuration is performed?
A. The request needs to be sent to the incident management team.
B. The request needs to be approved through the incident management process.
C. The request needs to be approved through the change management process.
D. The request needs to be sent to the change management team.
Definition
C
Term
Jane, an individual, has recently been calling various financial offices pretending to be another
person to gain financial information. Which of the following attacks is being described?
A. Phishing
B. Tailgating
C. Pharming
D. Vishing
Definition
D
Term
The security administrator wants each user to individually decrypt a message but allow anybody to
encrypt it. Which of the following MUST be implemented to allow this type of authorization?
A. Use of CA certificate
B. Use of public keys only
C. Use of private keys only
D. Use of public and private keys
Definition
D
Term
A user in the company is in charge of various financial roles but needs to prepare for an upcoming
audit. They use the same account to access each financial system. Which of the following security
controls will MOST likely be implemented within the company?
A. Account lockout policy
B. Account password enforcement
C. Password complexity enabled
D. Separation of duties
Definition
D
Term
An employee is granted access to only areas of a network folder needed to perform their job.
Which of the following describes this form of access control?
A. Separation of duties
B. Time of day restrictions
C. Implicit deny
D. Least privilege
Definition
D
Term
A CRL is comprised of:
A. malicious IP addresses.
B. trusted CA’s.
C. untrusted private keys.
D. public keys.
Definition
D
Term
Sara, a user, downloads a keygen to install pirated software. After running the keygen, system
performance is extremely slow and numerous antivirus alerts are displayed. Which of the following
BEST describes this type of malware?
A. Logic bomb
B. Worm
C. Trojan
D. Adware
Definition
C
Term
Which of the following may significantly reduce data loss if multiple drives fail at the same time?
A. Virtualization
B. RAID
C. Load balancing
D. Server clustering
Definition
B
Term
Which of the following should be considered to mitigate data theft when using CAT5 wiring?
A. CCTV
B. Environmental monitoring
C. Multimode fiber
D. EMI shielding
Definition
D
Term
To help prevent unauthorized access to PCs, a security administrator implements screen savers
that lock the PC after five minutes of inactivity. Which of the following controls is being described
in this situation?
A. Management
B. Administrative
C. Technical
D. Operational
Definition
C
Term
Pete, a network administrator, is capturing packets on the network and notices that a large amount
of the traffic on the LAN is SIP and RTP protocols. Which of the following should he do to segment
that traffic from the other traffic?
A. Connect the WAP to a different switch.
B. Create a voice VLAN.
C. Create a DMZ.
D. Set the switch ports to 802.1q mode.
Definition
B
Term
Which of the following IP addresses would be hosts on the same subnet given the subnet mask
255.255.255.224? (Select TWO).
A. 10.4.4.125
B. 10.4.4.158
C. 10.4.4.165
D. 10.4.4.189
E. 10.4.4.199
Definition
C,D
Term
Which of the following algorithms has well documented collisions? (Select TWO).
A. AES
B. MD5
C. SHA
D. SHA-256
E. RSA
Definition
B,C
Term
Jane, the security administrator, needs to be able to test malicious code in an environment where
it will not harm the rest of the network. Which of the following would allow Jane to perform this kind
of testing?
A. Local isolated environment
B. Networked development environment
C. Infrastructure as a Service
D. Software as a Service
Definition
A
Term
A company is sending out a message to all users informing them that all internal messages need
to be digitally signed. This is a form of which of the following concepts?
A. Availability
B. Non-repudiation
C. Authorization
D. Cryptography
Definition
B
Term
Which of the following transportation encryption protocols should be used to ensure maximum
security between a web browser and a web server?
A. SSLv2
B. SSHv1
C. RSA
D. TLS
Definition
D
Term
Developers currently have access to update production servers without going through an approval
process. Which of the following strategies would BEST mitigate this risk?
A. Incident management
B. Clean desk policy
C. Routine audits
D. Change management
Definition
D
Term
A server containing critical data will cost the company $200/hour if it were to be unavailable due to
DoS attacks. The security administrator expects the server to become unavailable for a total of two
days next year. Which of the following is true about the ALE?
A. The ALE is $48.
B. The ALE is $400.
C. The ALE is $4,800.
D. The ALE is $9,600.
Definition
D
Term
To reduce an organization’s risk exposure by verifying compliance with company policy, which of
the following should be performed periodically?
A. Qualitative analysis
B. Quantitative analysis
C. Routine audits
D. Incident management
Definition
C
Term
Which of the following is a difference between TFTP and FTP?
A. TFTP is slower than FTP.
B. TFTP is more secure than FTP.
C. TFTP utilizes TCP and FTP uses UDP.
D. TFTP utilizes UDP and FTP uses TCP.
Definition
D
Term
A system administrator decides to use SNMPv3 on the network router in AuthPriv mode. Which of
the following algorithm combinations would be valid?
A. AES-RC4
B. 3DES-MD5
C. RSA-DSA
D. SHA1-HMAC
Definition
B
Term
Which of the following are encryption algorithms that can use a 128-bit key size? (Select TWO).
A. AES
B. RC4
C. Twofish
D. DES
E. SHA2
Definition
A,C
Term
Matt, an administrator, notices a flood of fragmented packets and retransmits from an email server.
After disabling the TCP offload setting on the NIC, Matt sees normal traffic with packets flowing in
sequence again. Which of the following utilities was he MOST likely using to view this issue?
A. Spam filter
B. Protocol analyzer
C. Web application firewall
D. Load balancer
Definition
B
Term
Which of the following specifications would Sara, an administrator, implement as a network access
control?
A. 802.1q
B. 802.3
C. 802.11n
D. 802.1x
Definition
D
Term
Which of the following is characterized by an attacker attempting to map out an organization’s staff
hierarchy in order to send targeted emails?
A. Whaling
B. Impersonation
C. Privilege escalation
D. Spear phishing
Definition
A
Term
Which of the following defines when Pete, an attacker, attempts to monitor wireless traffic in order
to perform malicious activities?
A. XSS
B. SQL injection
C. Directory traversal
D. Packet sniffing
Definition
D
Term
Which of the following provides the MOST protection against zero day attacks via email
attachments?
A. Anti-spam
B. Anti-virus
C. Host-based firewalls
D. Patch management
Definition
A
Term
Which of the following would MOST likely ensure that swap space on a hard disk is encrypted?
A. Database encryption
B. Full disk encryption
C. Folder and file encryption
D. Removable media encryption
Definition
B
Term
Which of the following access controls enforces permissions based on data labeling at specific
levels?
A. Mandatory access control
B. Separation of duties access control
C. Discretionary access control
D. Role based access control
Definition
A
Term
A username provides which of the following?
A. Biometrics
B. Identification
C. Authorization
D. Authentication
Definition
B
Term
Use of group accounts should be minimized to ensure which of the following?
A. Password security
B. Regular auditing
C. Baseline management
D. Individual accountability
Definition
D
Term
Privilege creep among long-term employees can be mitigated by which of the following
procedures?
A. User permission reviews
B. Mandatory vacations
C. Separation of duties
D. Job function rotation
Definition
A
Term
In which of the following scenarios is PKI LEAST hardened?
A. The CRL is posted to a publicly accessible location.
B. The recorded time offsets are developed with symmetric keys.
C. A malicious CA certificate is loaded on all the clients.
D. All public keys are accessed by an unauthorized user.
Definition
C
Term
Configuring the mode, encryption methods, and security associations are part of which of the
following?
A. IPSec
B. Full disk encryption
C. 802.1x
D. PKI
Definition
A
Term
Which of the following assessments would Pete, the security administrator, use to actively test that
an application’s security controls are in place?
A. Code review
B. Penetration test
C. Protocol analyzer
D. Vulnerability scan
Definition
B
Term
Which of the following would be used to identify the security posture of a network without actually
exploiting any weaknesses?
A. Penetration test
B. Code review
C. Vulnerability scan
D. Brute Force scan
Definition
C
Term
A security administrator has just finished creating a hot site for the company. This implementation
relates to which of the following concepts?
A. Confidentiality
B. Availability
C. Succession planning
D. Integrity
Definition
B
Term
In the initial stages of an incident response, Matt, the security administrator, was provided the hard
drives in question from the incident manager. Which of the following incident response procedures
would he need to perform in order to begin the analysis? (Select TWO).
A. Take hashes
B. Begin the chain of custody paperwork
C. Take screen shots
D. Capture the system image
E. Decompile suspicious files
Definition
A,D
Term
Which of the following is used to certify intermediate authorities in a large PKI deployment?
A. Root CA
B. Recovery agent
C. Root user
D. Key escrow
Definition
A
Term
Which of the following components MUST be trusted by all parties in PKI?
A. Key escrow
B. CA
C. Private key
D. Recovery key
Definition
B
Term
Which of the following should Matt, a security administrator, include when encrypting
smartphones? (Select TWO).
A. Steganography images
B. Internal memory
C. Master boot records
D. Removable memory cards
E. Public keys
Definition
B,D
Term
When checking his webmail, Matt, a user, changes the URL’s string of characters and is able to
get into another user’s inbox. This is an example of which of the following?
A. Header manipulation
B. SQL injection
C. XML injection
D. Session hijacking
Definition
D
Term
Elliptic curve cryptography: (Select TWO)
A. is used in both symmetric and asymmetric encryption.
B. is used mostly in symmetric encryption.
C. is mostly used in embedded devices.
D. produces higher strength encryption with shorter keys.
E. is mostly used in hashing algorithms.
Definition
C,D
Term
Which of the following is the below pseudo-code an example of?
IF VARIABLE (CONTAINS NUMBERS = TRUE) THEN EXIT
A. Buffer overflow prevention
B. Input validation
C. CSRF prevention
D. Cross-site scripting prevention
Definition
B
Term
Which of the following would an antivirus company use to efficiently capture and analyze new and
unknown malicious attacks?
A. Fuzzer
B. IDS
C. Proxy
D. Honeynet
Definition
D
Term
Why is it important for a penetration tester to have established an agreement with management as
to which systems and processes are allowed to be tested?
A. Penetration test results are posted publicly, and some systems tested may contain corporate
secrets.
B. Penetration testers always need to have a comprehensive list of servers, operating systems,
IP subnets, and department personnel prior to ensure a complete test.
C. Having an agreement allows the penetration tester to look for other systems out of scope and
test them for threats against the in-scope systems.
D. Some exploits when tested can crash or corrupt a system causing downtime or data loss.
Definition
D
Term
A system administrator is using a packet sniffer to troubleshoot remote authentication. The
administrator detects a device trying to communicate to TCP port 49. Which of the following
authentication methods is MOST likely being attempted?
A. RADIUS
B. TACACS+
C. Kerberos
D. LDAP
Definition
B
Term
An administrator wants to minimize the amount of time needed to perform backups during the
week. It is also acceptable to the administrator for restoration to take an extended time frame.
Which of the following strategies would the administrator MOST likely implement?
A. Full backups on the weekend and incremental during the week
B. Full backups on the weekend and full backups every day
C. Incremental backups on the weekend and differential backups every day
D. Differential backups on the weekend and full backups every day
Definition
A
Term
Which of the following can be used in code signing?
A. AES
B. RC4
C. GPG
D. CHAP
Definition