50-9

Card Set Information

Author:
practice361
ID:
18242
Filename:
50-9
Updated:
2010-05-07 17:30:38
Tags:
terms
Folders:

Description:
terms
Show Answers:

Home > Flashcards > Print Preview

The flashcards below were created by user practice361 on FreezingBlue Flashcards. What would you like to do?


  1. ___ simplifies user and computer security administration.
    directory services
  2. What should you check, if an email server is forwarding emails for another domain?
    SMTP open relay
  3. Which protocol is used for encryption between mail servers?
    TLS-transport layer security, which uses public key
  4. What is DTP?
    dynamic trunking protocol. VLAN trunking is a method to support multiple VLANs that have members on more than one switch. VLAN hopping is a computer security exploit, a method of attacking networked resources on a VLAN. The basic concept behind all VLAN hopping attacks is for an attacking host on a VLAN to gain access to traffic on other VLANs that would normally not be accessible.
  5. What should you disable, to reduce VLAN jumping?
    DTP-dynamic trunking protocol
  6. How do you implement a security patch in an enterprise environment?
    download patch from vendor’s secure website; test the patch; install it on all workstations
  7. What is an industry standard for remote logging?
    syslog
  8. What is the strongest encryption form that can be used in all countries?
    WEP
  9. Is a HIDs an in-line device?
    no
  10. In a NIDS, a ___ provides the user interface.
    console
  11. What is often used with L2TP?
    IPSec
  12. How can you increase the collision resistance of a hash?
    use salt
  13. Is signature-based NIDS configuration solely based on network traffic?
    yes
  14. Does L2TP provide confidentiality protection?
    no
  15. What kind of security testing techniques are the following? Determine if the system is properly documented; and learn about security aspects that are only available through documentation.
    passive security testing
  16. How can a technician view the security permissions of a file?
    the ACL-access control list
  17. You are required to have the ___ privilege, in order to restore a public/private key set on a certificate authority.
    recovery agent
  18. How do you ‘test’ a newly-released patch?
    verify the integrity; verify it’s relevant to your system; test it in a nonproduction environment
  19. Does a firewall log reveal activities related to an ACL?
    yes
  20. Which is more common for securing a WEB browsing session: HTTPS or SHTTP ?
    HTTPS
  21. When is it okay to install a hot fix?
    when no patch is available, AND workarounds do not correct the problem
  22. Can password crackers exploit weaknesses in encryption algorithms?
    yes
  23. What is a message authentication code?
    something you can use to check data integrity
  24. In “remote authentication”, you connect to a domain server in ___.
    another city
  25. What is the MOST efficient way to encrypt large amounts of data?
    symmetric key algorithms
  26. A ___ is an example of having a “user profile” that permits someone who is not administrator, to use an application which requires a user to be an administrator.
    security template
  27. How can you find all the open ports on the network?
    use a network scanner
  28. Programs need the proper ___ to use LDAP.
    authentication credentials
  29. How does RBAC (role-based access control) work?
    1.users assigned to roles; 2. Permissions assigned to roles; 3. Users acquire permissions by being a member of the role
  30. Is NESSUS a protocol analyzer?
    No—it’s a vulnerability scanner
  31. A network scanner can show you all the open ports on ___.
    the network
  32. In RBAC, you acquire permissions by being a member of ___.
    the role
  33. Is wireshark a vulnerability scanner?
    No—it’s a protocol analyzer
  34. When opening an application, the user receives an error they’ve never seen before. It’s probably because ___.
    a patch was pushed out
  35. Which encryption algorithm can be decrypted the fastest, AES or RSA?
    AES
  36. The data custodian is responsible for ___.
    the “recoverability” of the data
  37. Why should DNS logs be archived?
    In case there’s an investigation in the future
  38. Backing up all the data that has changed since the last backup is called ___.
    a differential backup
  39. To minimize the amount of time it takes to recover from your backups, should you use incremental or differential?
    differential
  40. What is the best combination on a wireless network?
    WPA with RADIUS
  41. What is WEP?
    wireless equivalency protocol, using RC4 encryption for 802.11a and 802.11b protocols
  42. What is a procedure to control inbound and outbound traffic on a network segment?
    ACL—access control list used by a router to control traffic
  43. Which log shows unauthorized usage attempts?
    security
  44. How can you detect staff members who are connecting to an unauthorized web site?
    use a protocol analyzer
  45. The secure LDAP port # is ___.
    636
  46. When a work station connects to a server using SSL, it uses a public key and ___.
    a “session” key
  47. It takes less time to recover a server, if ___.
    the server is implemented as a virtual server instance
  48. What type of threat requires interaction from a staff member?
    a virus
  49. ___ is a tool that permits users to only go to approved business-related websites.
    internet content filter
  50. The “authentication header” modes are ___.
    transport and tunnel

What would you like to do?

Home > Flashcards > Print Preview