Card Set Information

2010-05-02 01:59:59

Security + exam question study cards
Show Answers:

  1. What is Authentication?
    Proves Identity
  2. What is Authorization?
    Identifies resources a user can access.
  3. What is Availability?
    Ensures that data is accessible to authorized users.
  4. What is Confidentiality?
    Ensures that only authorized parties can view information.
  5. What is exploiting?
    To take advantage of a vulnerability.
  6. What is integrity?
    Ensures that information is correct and that no unauthorized users or malicious software has altered the data.
  7. ActiveX downloads to a computer and does not run in a sandbox?
  8. Examples of Bluesnarfing?
    Accessing calendars and contacts via bluetooth w/o perms.
  9. What is bluejacking?
    Sending business cards via bluetooth in range.
  10. What is a zone transfer?
    Transfer of info between DNS servers. (exchanging info)
  11. What is SNMP?
    Protocol used to manage network devices.
  12. What is TKIP and what does it replace?
    Temporal Key Integrity Protocol is an encryption technology used to replace WEP.
  13. What is RC4?
    Cipher algorithm used in WEP, Replaces one char with another char.
  14. What is the mnemonics for symmetric keys?
    I had a REALLY COOL IDEA (RC4,5,&6) to walk around the BLOCK (BLOCK CYPHER) and CAST in a STREAM (STREAM CYPHER) for some FISH. I caught TWOFISH that were BLOWFISH and in fact it wasn’t a really cool idea, I thought it was my DEStiny. (DES, 3DES and AES)
  15. What are the disadvantages of using symmetric encryption over asymmetric encryption?
    • 1.Inability to support non-repudiation: Since both the sender and receiver use the same key, it is difficult to determine who is the sender, should a dispute arise.
    • 2.Impractical for web commerce: Imagine thousands of customers buying goods and services over the Internet. If symmetric encryption standard is used, one unique private key-pair needs to be used for each user. It is therefore, impractical.
    • 3.Another major difficult is with the transmission of private key. With symmetric encryption, the private key needs to be transmitted to the other party for decryption, which may pose security risk.
  16. Asymmetric keys use how many keys?
    2 keys creates digital signatures, PUBLIC KEY CRYPTO!

  17. What are the steps involved with CHAP?
    CHAP (Challenge Handshake Authentication Protocol) works on point to point connections. It uses a three step process for authentication (excluding making the connection itself). If making the connection is also involved, it would be a 4 step process.
  18. PGP can be used to encrypt ip phone calls and emails?
  19. TPM does what?
    It stores and generates CRYPTO keys.
  20. What are MAC’s?
    Message Authentication Codes (MACs), also called "keyed hashes", are used to verify the authenticity of a message. Let us say, Jane (the sender of a message) and Mike (the recipient) share a secret key. Jane uses the message and the key to compute the MAC, and sends the MAC along with the message. When Mike receives the message, he computes the MAC, and then checks to see if his MAC matches Jane’s. If it does, then he knows the message is from Jane and that nobody has changed it since she sent it
  21. What are hashing algorithms and what are they used for?
    • Hashing is a ONE-WAY hash, creates a UNIQUE signature for a set of DATA. Hashing is used for integrity.
    • Hash Algorithms: Hash algorithms produce a hash of a message and encrypt it. They use a mathematical formula for hashing, and it is extremely difficult to tamper with the message and still produce the same hash. Basically, Hashing enable a recipient to check whether a message is received intact without being tampered by a third party.
  22. Authenticity does what?
    Provides proof of genuineness of the user.
  23. What is a ONE-TIME PAD?
    Combining a truly random key with plaintext.
  24. What is a stream-chipher?
    Replaces a char letter for letter.
  25. Asymmetric keys use what?
    Two mathematically related keys. Public to encrypt and private to decrypt.
  26. Remote Access policies provide what?
  27. Where is the RA policies stored?
    On the AUTHoriztion and AUTHentication servers.
  28. Kerberos is what? 88
    • A single sign-on and is used to verify network users.
    • The following are the important properties of Kerberos:
    • 1.It uses symmetric encryption
    • 2.Tickets are time stamped
    • 3.Passwords are not sent over the network
  29. Digital certs contain what?
    Owner name, public key, name of issuer, digital sig of issuer, serial # and expiration date. can be created by using asymmetric keys
  30. What is a CRL?
    Certificate Revocation List
  31. What is PKI?
    Public key Infrastructure. Digital signature management.
  32. What is Key escrow?
    Private keys are slit in half. and each is encrypted.
  33. What is the MAC?
    Mandatory Access Control (MAC) secures information by assigning sensitivity labels on objects (resources) and comparing this to the level of sensitivity a subject (user) is operating at. MAC ensures that all users only have access to that data for which they have matching or greater security label (or security clearance). In general, MAC access control mechanisms are more secure than DAC. MAC is usually appropriate for extremely secure systems including multilevel secure military applications or mission critical data applications.
  34. What is RoAC? Real-world approach...
    Role Based Access Control (RBAC): In Role-Based Access Control (RBAC), access decisions are based on an individual's roles and responsibilities within the organization. For instance, in a corporation, the different roles of users may include those such as chief executive, manager, executive, and clerk. Obviously, these members require different levels of access in order to perform their functions, but also the types of web transactions and their allowed context vary greatly depending on the security policy. In Role Based Access Control, the administrator sets the roles. Therefore, this type of access control is sometimes considered as a subset of MAC.
  35. What is DAC?
    Discretionary Access Control (DAC): Discretionary Access Control (DAC) is a means of restricting access to information based on the identity of users and/or membership in certain groups. Access decisions are typically based on the authorizations granted to a user based on the credentials he presented at the time of authentication (user name, password, hardware/software token, etc.). In most typical DAC models, the owner of information or any resource is able to change its permissions at his discretion. DAC has the drawback of the administrators not being able to centrally manage these permissions on files/information stored on the web server.
  36. RuAC
    Rule Based Access Control (RBAC): The access to a resource in Rule Based Access Control is based a set of rules. ACLs (Access Control Lists) are used for this type of access control. In Rule Based Access Control, the administrator sets the rules. Therefore, this type of access control is sometimes considered as a subset of MAC.
  37. What is FSRM?
    File Server Resouce Manager- creates quotas and file screens used with NTFS for access perms.
  38. KEBEROS uses what?
    • which consists of two logically separate parts: an Authentication Server (AS) and a Ticket Granting Server (TGS). Kerberos works on the basis of "tickets" which serve to prove the identity of users.
    • NTP
  39. IPsec has two headers?
    Yes. AH (Authentication header) and ESP (Encapsulating Security Payload)
  40. Incremental Backups do what?
    • Back up files that were changed from last full backup or incremental backup.
    • Quicker/less storage.
  41. Differential backups do what?
    Back up data that had been changed since the last full backup.

    More space/faster to recover.
  42. Vulnerability scans are different from penetration by?
    Vulnerability is done inside the org. Pen is not.
  43. Is RAID5 or RAID1 fault-tolerant?
  44. RAID 1+0 can loose how many disks and still not loose data?
    2 or more.
  45. Data is encrypted with? (wireless)
    TKIP and AES
  46. What two protocols are used to create a VPN?
    L2TP and PPTP
  47. ISAKMP/Oakley is used for what?
    Negotiation of encryption with IPsec. generates keys and authenticates user by using techniques such as certificates.
  48. S/MIME uses what encryption?
    RSA and Digital Certs. which are X.509
  49. SSL uses what encryption?
    a public key to encrypt data and uses TLS to guarantees privacy and integrity. Asymmetric Encryption
  50. What does Digital Certs use?
    X.509 by ITU
  51. GPO store what?
    The location where Group policy settings is stored.
  52. What is NAC?
    Network Access Control. It is a technology that examines a systems state and corrects any deficiency before it is allowed to access the network.
  53. What is a reverse proxy?
    A proxy that routes incoming requests to the correct server
  54. What is an Authentication server?
    A server who’s job it is to verify authentication of devices.
  55. What is EAP?
    Extensible Authentication Protocol considered and “envelope” to carry different kinds of exchange data used for authentication.
  56. Asymmetric crypto is which?
    • Diffie-Hellmans
    • ElGamal
    • Elliptical Curve
    • RSA
  57. What does TLS uses?
  58. The ____ are the operating system settings that impose how the policy will be enforced.
    Configuration baseline
  59. Javascript resides in HTML?
  60. One approach to substituting a fraudulent IP address is to target the external DNS server and is called ____.
    DNS poisoning or DNS spoofing
  61. ____ specifies that before a networked device starts to send, it should first listen (called carrier sensing) to see if any other device is transmitting.

    • CSMA/CD

  62. When TCP/IP was developed, the host table concept was expanded to a hierarchical name system known as the ____.
  63. Each wireless device looks for beacon frames in a process known as ____.

  64. DNS poisoning can be prevented by using the latest editions of the DNS software, ____.
  65. Signed Java applets by default run in the sandbox and are restricted regarding what they can do.
  66. ____, also called add-ons, represent a specific way of implementing ActiveX and are sometimes called ActiveX applications.
    ActiveX controls
  67. ____ can fully decode application-layer network protocols. Once these protocols are decoded, the different parts of the protocol can be analyzed for any suspicious behavior.
    Protocol Analyzers
  68. ____ monitor Internet traffic and block access to preselected Web sites and files.
    Proxy servers
  69. At regular intervals a wireless AP sends a beacon frame to announce its presence and to provide the necessary information for devices that want to join the network. This process is known as ____.
  70. ____ is the presentation of credentials or identification, typically performed when logging on to a system.
  71. ____ is the verification of the credentials to ensure that they are genuine and not fabricated.
  72. ____ is the right to use specific resources.
  73. OpenID is completely centralized.
  74. Because port numbers are 32 bits in length they can have a decimal value from 0 to 65,535. 16/16
    • true
    • TCP uses the notion of port numbers to identify sending and receiving application end-points on a host, or Internet sockets. Each side of a TCP connection has an associated 16-bit unsigned port number (0-65535) reserved by the sending or receiving application. Arriving TCP data packets are identified as belonging to a specific TCP connection by its sockets, that is, the combination of source host address, source port, destination host address, and destination port. This means that a server computer can provide several clients with several services simultaneously, as long as a client takes care of initiating any simultaneous connections to one destination port from different source ports.Port numbers are categorized into three basic categories: well-known, registered, and dynamic/private. The well-known ports are assigned by the Internet Assigned Numbers Authority (IANA) and are typically used by system-level or root processes. Well-known applications running as servers and passively listening for connections typically use these ports. Some examples include: FTP (21), SSH (22), TELNET (23), SMTP(25) and HTTP (80). Registered ports are typically used by end user applications as ephemeral source ports when contacting servers, but they can also identify named services that have been registered by a third party. Dynamic/private ports can also be used by end user applications, but are less commonly so. Dynamic/private ports do not contain any meaning outside of any particular TCP connection.
  75. Determining vulnerabilities often depends upon the background and experience of the assessor.
  76. Identifying vulnerabilities through a(n) ____ determines the current security weaknesses that could expose assets to threats.
    vulnerability appraisal
  77. ____ provides support to IP in the form of ICMP messages that allow different types of communication to occur between IP devices.
  78. A(n) ____ port means that the host system does not reply to any inquiries to this port number.
  79. A(n) ____ port indicates that no process is listening at this port.
  80. Several large Internet providers support SSO, but only for their own suite of services and applications.
  81. ____ time is the time it takes for a key to be pressed and then released.
  82. There are several types of OTPs. The most common type is a ____ OTP.
  83. ____ is granting permission for admittance.
  84. The ____ model can dynamically assign roles to subjects based on a set of rules defined by a custodian.
  85. The ____ model is considered a more “real world” approach than the other models to structuring access control.
  86. Regarding access control, a(n) ____ is a user or a process functioning on behalf of the user who attempts to access an object.
  87. Generally a ____ is used to configure settings for systems that are not part of Active Directory.
    Local group policy
  88. Controlling wireless access of devices to the WLAN is accomplished by limiting a device’s access to the access point (AP).
  89. The PRNG in WEP is based on the ____ cipher algorithm.
  90. The plaintext to be transmitted has a cyclic redundancy check (CRC) value calculated, which is a checksum based on the contents of the text. WEP calls this the ____ and appends it to the end of the text.
    Integrity Check Value (ICV)
  91. Encryption under the WPA2 personal security model is accomplished by ____.
  92. WPA also replaces the cyclic redundancy check (CRC) function in WEP with the ____.
    MIC Message Integrity Check
  93. Access points have a setting called “____,” which is what the PSK uses as a seed value to generate new keys.
    Group Key Renewal
  94. In order to address growing wireless security concerns, in October 2003 the Wi-Fi Alliance introduced ____.
  95. Often the devices most vulnerable to attack are those that provide services to inside users.
  96. ____ switches are connected directly to the devices on the network.
  97. ____ are designed to inspect traffic, and based on their configuration or security policy, they can drop malicious traffic.
  98. Using ____, networks can essentially be divided into three parts: network, subnet, and host.
    Classful addressing
  99. Symmetric crypto uses?
    • RC(4,5,6)
    • IDEA


    • Twofish
    • BLowfish
    • DES,3des, AES (Rijndael) Stongest.
  100. What is the bit-length of an Initialization Vector (IV)?
    24 bytes
  101. What does the PSK (Pre-shared Key) authenticate with?
    A passphrase
  102. What is identification?
    The review of credentials.
  103. What is Implicit deny?
    If condition is not explicitly met, it is denied.
  104. What is explicit deny?
    Clearly denied
  105. What is a mantrap?
    A security device that monitors and controls two interlocking doors to a small room that separates a secure area.
  106. You are the system administrator for your organization. You are responsible for access privilege for which of the following control systems?
    Mandatory Access Control

    System administrator is responsible for access control in the MAC model. The owner of the organization will be responsible for DAC. The RBAC is dependent on the role played by the user in the organization.
  107. While assigning access privilege using the DAC, which of the following will you be needing?
    Access Control list

    The information of mapping users to their permissions for resource access would be available in the ACL.
  108. Which of the following statements relating to the MAC model is true? Choose two.
    • MAC uses static mapping or predefined access privileges
    • MAC cannot allow dynamic sharing of resources

    MAC uses a static or predefined set of access privileges and hence cannot allow dynamic sharing of resources.
  109. Certificates are best used in which of the following scenarios? Choose all that apply.
    • Accessing Web sites
    • Intranet login

    LAN login will be secure if the network policies in the organization follow book rules. It will not require certificates. Certificates are best used during WAN access. For ex: when using web sites that require you to provide confidential information about yourself, or when you are logging in to the Intranet, from an unknown location. The Dial-up connection in itself does not require any authentication except with the service provider.
  110. Which of the following does NOT happen during a CHAP authentication? Choose all that apply
    • The server issues password to any body requesting for it.
    • The server requests for the password
    • The server expects a clear text password initially.

    Whenever a user requests login, the Server poses a challenge and then the user provides the requested password and then the server will decide based on the credentials if it should authorize the user or not. This is what is referred to as three-way handshake.
  111. Which of the following is true about a token system? Choose all that apply.
    • A token is generated per every session of the user.
    • A token contains user access permissions.
    • A token is destroyed after the session is completed.

    A token is generated when a user has been successfully authenticated. This token is attached to the users' session and will be destroyed once the session is terminated or after the user has logged out. This token will contain user access permission assigned on the network resources for that user.
  112. Which of the following are key components in the Kerberos system? Choose two.
    • Key Distribution Center
    • Ticket

    The Kerberos system requires a Key Distribution Center (KDC) which is responsible for authenticating any network user, Computer or Service. Depending on whether the authentication fails or succeeds the ticket will be granted to the end user, Computer or Service.
  113. Which of the following does the Biometrics use to establish user identity? Choose two
    • Finger print
    • Retinal scan
  114. To allow access to a campus you would use Kerberos. T/F?

    To allow access to a campus you would use smart cards.
  115. Which of the following are an advantage and a disadvantage with clear text authentication?
    Easy to implement and not secure

    Clear text authentication is very simple and easy to implement and verify. But a network that has implemented clear text security is not very secure as it is very easy to decipher clear text passwords.
  116. If you had to implement a foolproof method of establishing User ID in your organization, which of the following would you choose? Choose the best answer.

    Biometric will authenticate or establish User ID depending on the physical attribute of the user. For ex: Finger print, hand scan or retina scan. Since these physical attributes are always physically attached to the person, there is no fear of any of these being lost or reaching wrong hands. Hence Biometric is the most secure form of authentication.
  117. RADIUS is abbreviation for Remote Access Data Inspection User Service. T/F?

    RADIUS is abbreviation for Remote Access Dial In User Service.
  118. If you were implementing an Enterprise network that require remote users connecting to the Intranet, which of the following services would be most important?

    It is imperative that remote users be assigned a separate block of IP addresses for the purpose of connecting to the company Intranet. This is inline with security for the network. This dynamic allocation will be possible only with the help of DHCP service.
  119. Which of the following services when placed on the edge of the newtork, will provide security to the entire network?
  120. Which of the following is a Wireless LAN susceptible to?
  121. Which of the following can be termed as the Denial of Service Attack?
    Your Web server has gone into a loop trying to service a client request
  122. You are planning on hosting an eCommerce Web server. You are intent on making the server secure against all external attacks possible. Which of the following would be the best way to test your server for its weaknesses? Choose the best answer
    Simulate a DDoS attack on that server
  123. When debugging an Operating system, a programmer would make use of a front door. T/F?
    A programmer makes use of back doors in the program for the purpose of debugging or observing the performance of the program.
  124. Which of the following protocols help to gain MAC address of a PC on the network?
    Address Resolution Protocol (ARP) of the IP protocol suite is responsible for obtaining MAC address of the PC whose IP address is available for communication.
  125. To transfer mails between email servers of different domains you would require POP3 service. T/F?
    SMTP to transfer between different domains
  126. Which of the following is the most popular protocol that is used in dial-up connections?
    SLIP and PPP are the only two protocols that can be used for dial-up connections. SLIP is now obsolete. PPTP is a tunneling protocol and POP3 is used for mail retrieval.
  127. Which of the following protocols could a VPN make use of? Choose two.
    PPTP and L2TP

    A VPN tunnel requires tunneling protocols. L2TP (Layer 2 Tunneling Protocol) and PPTP (Point to Point Tunneling Protocol) are the only two relevant protocols that relate to VPN. HTTP and NNTP are services that are usually configured on a Web Server.
  128. When a remote user is dialing-in to the network, which of the following servers would be challenging his request for authentication first?
    In the mentioned scenario, the RADIUS server would be challenging the users request first, the rest of the servers on the network, would then verify with this RADIUS server at a later stage when they receive a request for resource access from this dial-in or remote user.
  129. You are configuring a VPN whose tunnel passes through the public network. You are concerned for the security as your VPN may be connecting across the globe to several networks operating on different platforms. Which of the following would be ideal to secure your VPN? Choose the best answer.

    Since the only protocol that supports cross platform communication is IP, the best way to implement security in this scenario would be through IPSec. PPTP is a tunneling protocol and does not relate to security. Kerberos is a LAN security protocol. Certificates can help in this scenario provided the access limitation is acceptable.
  130. Which of the following would help with dedicated authentication to dial-in clients?
    TACACS (Terminal Access Controller Access Control System), RADIUS are both dedicated authenticating services for dial in users. IAS (Internet Authentication Server) is not ideally meant for this purpose.
  131. L2TP can work over which of the following networks? Choose all appropriate answers.
    L2TP (Layer 2 Tunneling Protocol) was created by Cisco as well as Microsoft. It is meant to function over IP, IPX and SNA networks (IBM System Network Architecture)
  132. Which of the following will be compulsory tasks to run on Web servers of your network? Choose two.
    There are web sites that keep updating vulnerability information for different platforms. It is ideal to constantly browse these sites and keep checking if it applicable for the platform and applications housed in your web server. Another mandatory task is to update virus definition files regularly.
  133. Which of the following virus types can be transmitted via email? Choose two most common types that apply.
    Trojan and Worms
  134. When configuring antivirus for email, which of the following configurations must be applied? Choose two.
    Scan before downloading will ensure the message that is infected will be deleted before actually downloading to the hard disk. Scan before sending will ensure that you are not inadvertently transmitting a virus along with the message tot the destination email Id.
  135. Which of the following port numbers is used by SMTP?
    SMTP service uses port number 25.
  136. Which of the following statements about an email server is/are true? Choose only answer(s) that apply
    Before transmitting any email, the mail server is bound to verify the domain in the destination address of the email to see if it the domain name is self or not before it actually sends the mail out. Before receiving any email its primary security function is to ensure that the email is not infected. In case of the email being infected it is supposed to be discarded.
  137. Which of the following statements regarding Infrared communication is true? Choose three.
    Infrared and Radio frequency are two different communication media. The Infrared communication requires line of sight. If the device that intends interception is placed in the line of sight as the main devices then interception will be very easy. This mode of communication is least secure.
  138. To which layer do the following communicating devices belong? Switch, Ethernet Card.
  139. Which of the following communications use the 2.4 GHz frequency? Choose three.
    Microwave, Cordless Phone and WLAN g&b
  140. If you wish to block FTP access to your Web server, which of the following Firewall types should you consider?
    Packet Filtering Firewall.

    Stateful inspection is a type of filtering used when complex security is required and header information of packets will have to be read to perform filtering. In the above mentioned scenario, you just need filtering based on port numbers. This type of filtering is done in packet filtering firewall types. Port filtering is a function and not a firewall type. Application filtering is irrelevant.
  141. Which of the following are capable of functioning as a Firewall? Choose two
    Proxy and Router

    Proxy service as well as the Router is both capable of Network Address translation (NAT) which is the basic function of a firewall.
  142. Which of the following about the Stateful inspection firewall is true? Choose two.
    The Stateful inspection firewall, monitors connection status based on the state table. It functions on the network layer and monitors connection status for the entire network.
  143. Stateful inspection firewall will operate on all the 7 layers of the OSI reference model. T/F?
  144. Which of the following will relates to how the external world can access the internal network resources?
    Access Policy

    The access policy or the Service access policy will dictate to what extend the external users can access internal network resources or which of the internal resources will be totally inaccessible to the outside world.
  145. Which of the following firewall policies is most restrictive?
    Deny All
  146. When faced with an outgoing packet, which of the following header components would a firewall look at first?
    Destination Address
  147. If you have implemented a DHCP in your network and you would wish to secure this service so that no external user will be able to become a DHCP client, which of the following would you ensure?
    Blocking port numbers 67 and 68 on the external interface of the firewall for incoming connections will ensure that no external user will be able to access the internal DHCP service.
  148. What ports are used for DHCP?
    67 and 68
  149. If you wish to allow the external users access your Web server you must block port number 110. T/F?
    Port 80

    If you wish to allow the external users access your Web server you must unblock port number 80.
  150. Which of the following can secure your internal server best, against external attacks? Choose all that apply.
    The best way to preserve an internal server from external attacks is to make sure there are no unnecessary services running on the server, no unused user names are existing in the user database, all vulnerabilities are being verified and monitored at required intervals.
  151. Which of the following is true about providing security to database servers? Choose two.
    It is always safe that you host a database server on a server resource internal to the network rather than on the same server as your Web server. A three-tier model ensures security to your database server as the database server cannot be directly accessed in this model. Centralized or distributed administration will not be a security concern here.
  152. To prevent internal Web servers from being accessed you must block TCP port 20. T/F?

    Port 443 and 20
  153. Authorized update is one way of securing DNS serer. T/F?

    Authorizing the sender of the update and then checking for verification purpose is one way of securing the DNS server database and service availability.
  154. Does NTFS provide file system security?

    It uses EFS (Encrypting file system)
  155. Which of the following statements about the SHA (Security Hash Algorithm) are true? Choose two.
    Current version is SHA-1 and it is used with encrypting protocols.
  156. Which of the following are encryption systems? Choose two.
    RC5 (Ron’s Code) and Blowfish
  157. Which of the following is true about Public/Private key pairs? Choose two.
    They form an essential part of Web site security system, as it is the most convenient security system for Web sites considering that clients would be accessing the Web site over the public network. The Certificate security system uses the basic logic of Public/Private key pairs.
  158. RSA is the encryption system used in cellular devices. T/F?
    ECC is used in cellphones
  159. What is the requirement for cryptography? Choose two.
    Network resource access will have to be controlled through access permissions. Server access will have to be controlled through physical security to the server. Unauthorized access prevention of stored information or information being transmitted is the role of cryptography.
  160. Which of the following is responsible for key issues relating to security of inter-bank communications?
  161. Which of the following will be required to perform Cryptanalysis? Choose three.
    • Mathematical Tools
    • Analytic Reasoning
    • Pattern Finding

    Cryptanalysis is a process of studying the pattern of secure communication and breaking it. It involves complex combination such as patience and determination combined with skills of pattern finding, mathematical tools and analytical reasoning.
  162. In symmetric-key encryption, one key will be used for encryption and another will be used for decryption to provide maximum security. T/F?
    • In symmetric-key encryption, one key will be used for encryption as well as decryption.
    • FALSE
  163. Which of the following is an advantage of using conventional encryption?
    Its very fast
  164. The concept of public key cryptography was introduced by Diffie-Hellman. T/F?

    The issues with key distribution faced by conventional encryption, was overcome by the Public-key cryptography concepts introduced by Diffie-Hellman.
  165. Which of the following statements about Public Key Cryptography are true? Choose two.
    • You do not need an existing security setup
    • Public key can only encrypt and private key can only decrypt
  166. A digital signature is synonymous to which of the following?
    Handwritten signature
  167. Which of the following are the two key-based algorithms?
    Symmetric and Asymmetric

    There are two types of key-based algorithms. Depending on the key pair types they use, they can be categorized as symmetric or asymmetric algorithms.
  168. Which of the following types of cryptography is possible? Choose two.
    • Cryptography with keys
    • Cryptography without keys
  169. Cryptography without keys is more secure than cryptography with keys. T/F?

    Cryptography without keys is not at all secure as the deciphering program will reside on the same media where the data or message is being received. In case of thest, the data can be stolen along with the deciphering program.
  170. Which of the following is required by the cipher when it is important to maintain a message as a secret?
    To keep a message a secret it is required that the cipher must be able to generate several cipher text.
  171. Which of the following is the most common attack faced by the DES algorithm?
    Brute force
  172. Differential cryptanalysis is nothing but pattern studying. T/F?
  173. Which of the following is provided by IDEA? Choose two.
    IDEA provides high level of security along with ease of implementation.
  174. Which of the following best describes Ron�s Code 2?
    code 2 is a 64-bit block cipher. It was devised by Ron Rivest.
  175. The block size in RC5 can range from 0 to 255. Y/N?
    • No
    • he block size in RC5 can be 32-bit, 64-bit or 128-bit
  176. Which of the following statements are true about the way data classification can be made? Choose two
    • It may be adhoc or informal
    • The strategy usually involves a scheme that splits into different levels
  177. Which of the following will allow you to take stock of sensitive data in the organization?
    By auditing all servers in the network for stored data, you can classify data as sensitive or non-sensitive. Auditing is the best process of taking stock of sensitive data in the network.
  178. In case of fire, which o the following needs to be programmed to be put off instantly?
    Electric Supply
  179. Which of the following is an ideal location for storing the backup?
    Any off site location is good. Within the vicinity of the site will ensure that data backup is safe in case of fire and is also available at short notice when required to restore. In general, Budget and security concerns should dictate distance, as far away location will protect against natural disasters that may effect the city/neighbrohood.
  180. Which of the following backup is most time consuming to restore during a server crash?
  181. Which of the following processes will allow you to ascertain organizational assets?

    Auditing is an accounting process where in the organization assets and deficits will be accounted for.
  182. Which of the following is necessary when analyzing threats?
    View the data in the history to analyze the pattern and frequency of an occurrence
  183. Which of the following is an essential configuration for email messages?
    Content specific action will ensure that you can discard the mail that is containing sensitive or prohibited data.
  184. It is ideal that a network supports a specific encryption standard only. T/F?

    Supporting only a specific encryption standard will make that network a closed network and will make it impossible to communicate with networks that follow flexibility in encryption.
  185. It is ideal for any organization to employ an encryption scheme that can address its entire organizations� data security either stores or transmitted. T/F?
  186. Creating a basic standard for application settings, security settings, and active services on every company laptop would be considered...
    a security template
  187. All of the following are correct about LDAP EXCEPT:
    . all attributes will be encrypted
  188. Which of the following is a key reason for using virtual machines in a test lab where attackers or malware may compromise a machine?
    Easier to restore the system to the original state
  189. Which of the following is more of an irritation than a security threat?
  190. Least privilege is defined as giving access to information:
    needed to complete the task
  191. Which of the following describes a piece of malicious code that is activated when specified conditions are met?
    Logic Bomb
  192. An administrator wishes to enable network auditing policies. Which of the following should the security administrator log?
    Logon Success and Failures
  193. From a security perspective a performance baseline is MOST useful for
    detecting performance anomalies that may be due to security breaches
  194. A company creates its own application that accesses the company databases and requires a unique login, based on the user’s domain account. The developer has an undocumented login for testing that does not need to be authenticated against the domain. Which of the following is a security issue regarding this scenario?
    It can be used as a backdoor into the company’s databases
  195. In order to perform a TCP hijacking attack, an attacker would be required to:
    know the IP addresses of both hosts and sequence numbers of the TCP/IP packets
  196. Port 20, 21
  197. Port 22
  198. Port 23
  199. Port 25
    SMTP mail
  200. Port 43
  201. Port 49
  202. Port 53
  203. Ports 67-68
  204. Port 69
  205. Port 79
  206. Port 80
  207. Port 88
  208. Port 102
    MS Exchange
  209. Port 110
  210. Port 119
  211. Port 123
    Network Time Protocol
  212. Port 137-139
  213. Port 143
  214. Port 161-162
    SNMP management
  215. Port 201
  216. Port 389
  217. Port 411-412
    PEER-TO-PEER comm.
  218. Port 443
    HTTP over SSL
  219. Port 445
    MS DS (Directory Service)
  220. Port 464
  221. Port 465
    SMTP over SSL
  222. Port 500
  223. Port 514
  224. Port 546-547
  225. Port 563
    NNTP over SSL
  226. Port 587
  227. Port 636
    LDAP over SSL
  228. Port 691
    MS Exchange
  229. Port 860
  230. Port 989-990
    FTP over SSL
  231. Port 993
    IMAP4 over SSL
  232. Port 995
    POP3 over SSL
  233. Port 1241
    NESSUS - Vulnerability Scanner
  234. Port 1701
  235. Port 1723
  236. Port 1725
  237. Port 1812-1813
  238. Port 2049
  239. Port 3124
    HTTP Proxy