___ simplifies user and computer security administration.
What should you check, if an email server is forwarding emails for another domain?
SMTP open relay
Which protocol is used for encryption between mail servers?
TLS-transport layer security, which uses public key
What is DTP?
dynamic trunking protocol. VLAN trunking is a method to support multiple VLANs that have members on more than one switch. VLAN hopping is a computer security exploit, a method of attacking networked resources on a VLAN. The basic concept behind all VLAN hopping attacks is for an attacking host on a VLAN to gain access to traffic on other VLANs that would normally not be accessible.
What should you disable, to reduce VLAN jumping?
DTP-dynamic trunking protocol
How do you implement a security patch in an enterprise environment?
download patch from vendor’s secure website; test the patch; install it on all workstations
What is an industry standard for remote logging?
What is the strongest encryption form that can be used in all countries?
Is a HIDs an in-line device?
In a NIDS, a ___ provides the user interface.
What is often used with L2TP?
How can you increase the collision resistance of a hash?
Is signature-based NIDS configuration solely based on network traffic?
Does L2TP provide confidentiality protection?
What kind of security testing techniques are the following? Determine if the system is properly documented; and learn about security aspects that are only available through documentation.
passive security testing
How can a technician view the security permissions of a file?
the ACL-access control list
You are required to have the ___ privilege, in order to restore a public/private key set on a certificate authority.
How do you ‘test’ a newly-released patch?
verify the integrity; verify it’s relevant to your system; test it in a nonproduction environment
Does a firewall log reveal activities related to an ACL?
Which is more common for securing a WEB browsing session: HTTPS or SHTTP ?
When is it okay to install a hot fix?
when no patch is available, AND workarounds do not correct the problem
Can password crackers exploit weaknesses in encryption algorithms?
What is a message authentication code?
something you can use to check data integrity
In “remote authentication”, you connect to a domain server in ___.
What is the MOST efficient way to encrypt large amounts of data?
symmetric key algorithms
A ___ is an example of having a “user profile” that permits someone who is not administrator, to use an application which requires a user to be an administrator.
How can you find all the open ports on the network?
use a network scanner
Programs need the proper ___ to use LDAP.
How does RBAC (role-based access control) work?
1.users assigned to roles; 2. Permissions assigned to roles; 3. Users acquire permissions by being a member of the role
Is NESSUS a protocol analyzer?
No—it’s a vulnerability scanner
A network scanner can show you all the open ports on ___.
In RBAC, you acquire permissions by being a member of ___.
Is wireshark a vulnerability scanner?
No—it’s a protocol analyzer
When opening an application, the user receives an error they’ve never seen before. It’s probably because ___.
a patch was pushed out
Which encryption algorithm can be decrypted the fastest, AES or RSA?
The data custodian is responsible for ___.
the “recoverability” of the data
Why should DNS logs be archived?
In case there’s an investigation in the future
Backing up all the data that has changed since the last backup is called ___.
a differential backup
To minimize the amount of time it takes to recover from your backups, should you use incremental or differential?
What is the best combination on a wireless network?
WPA with RADIUS
What is WEP?
wireless equivalency protocol, using RC4 encryption for 802.11a and 802.11b protocols
What is a procedure to control inbound and outbound traffic on a network segment?
ACL—access control list used by a router to control traffic
Which log shows unauthorized usage attempts?
How can you detect staff members who are connecting to an unauthorized web site?
use a protocol analyzer
The secure LDAP port # is ___.
When a work station connects to a server using SSL, it uses a public key and ___.
a “session” key
It takes less time to recover a server, if ___.
the server is implemented as a virtual server instance
What type of threat requires interaction from a staff member?
___ is a tool that permits users to only go to approved business-related websites.