Part One Final

Card Set Information

Author:
slmckissack
ID:
294868
Filename:
Part One Final
Updated:
2015-02-04 12:23:05
Tags:
Part One Final
Folders:
Part One Final
Description:
Part One Final
Show Answers:

Home > Flashcards > Print Preview

The flashcards below were created by user slmckissack on FreezingBlue Flashcards. What would you like to do?


  1. What does authentication do?
    A. Determines what actions or access an approval user can do or have.
    B. Confirms the identity of a user.
    C. Tracks the resources an authorized user accesses.
    D. Assigns usernames and passwords.
    B. Confirms the identity of a user
    (this multiple choice question has been scrambled)
  2. What methods monitor a network for the possible penetration of security measures?
    A. Password policies and password attempt limits.
    B. Encryption and secure communication links.
    C. Username and password.
    D. Intrusion detection and intrusion prevention.
    D. Intrusion detection and intrusion prevention
    (this multiple choice question has been scrambled)
  3. Packet filter, circuit-level gateway, and application-level gateway are all forms of what?
    A. Authentication
    B. Spam Filtering
    C. Stateful inspection
    D. Packet Routing
    C. Stateful Inspection
    (this multiple choice question has been scrambled)
  4. What form of security management do firewalls implement?
    A. Rule-based management
    B. Access control management
    C. Loop management
    D. Business rules and policies management.
    A. Rule-based management
    (this multiple choice question has been scrambled)
  5. What TCP/IP service enables a LAN to use private IP addresses for internal traffic and public IP addresses for external traffic?
    A. NAT
    B. RAS
    C. PaaS
    D. NAC
    A. NAT
    (this multiple choice question has been scrambled)
  6. What computing technology has the capability to simulate an operating system, a server, a storage device, or other network resources?
    A. Cloud Computing
    B. Telephony
    C. Virtualization
    D. EAPoL
    C. Virtualization
    (this multiple choice question has been scrambled)
  7. What IPv6 protocol set provides for the secure exchange of packets at the Network or IP layer?
    A. NAT
    B. SSH
    C. DNS
    D. IPSec
    D. IPSec
    (this multiple choice question has been scrambled)
  8. What TCP/IP protocol is TCP/UDP port 80 associated with?
    A. HTTPS
    B. Telnet
    C. SSH
    D. HTTP
    D. HTTP
    (this multiple choice question has been scrambled)
  9. What IEEE standard defines Extensible Authentication Protocol?
    A. IEEE 802.11i
    B. IEEE 802.11x
    C. IEEE 802.1x
    D. IEEE 802.3
    C. IEEE 802.1x
    (this multiple choice question has been scrambled)
  10. What element of a security policy limits an employee's access to only those records or assets she needs to do her job?
    A. Separation of duties
    B. Principle of least privilege
    C. Mandatory vacations
    D. Job rotation
    B. Principle of least privilege
    (this multiple choice question has been scrambled)
  11. What type of risk control provides a method or strategy for handling the aftermath of a potential security event?
    A. Avoidance
    B. Contingency
    C. Prevention
    D. Reduction
    B. Contingency
    (this multiple choice question has been scrambled)
  12. Installing antivirus software is an example of what type of risk administration action?
    A. Risk Calculation
    B. Risk Acceptance
    C. Risk Mitigation
    D. Risk Transference
    C. Risk Mitigation
    (this multiple choice question has been scrambled)
  13. What is the correct order of the following incident response steps?
    A. RTO
    B. Create backups of data captures of the systems or devices.
    C. Isolate the suspect or affected systems or devices.
    D. Follow up on causes and vulnerabilities.
    E. Resolve the issues.
    C, B, E, A, D
  14. Which of the following has the highest (most important) order of volatility?
    A. Network States
    B. Disk storage
    C. Active processes
    D. Main Memory
    D. Main Memory
    (this multiple choice question has been scrambled)
  15. On a Windows system, what utility application creates and maintains system-level log files?
    A. Microsoft Internet Explorer
    B. Microsoft Explorer
    C. Regedit
    D. Event Viewer
    Event Viewer
  16. What do HVAC systems maintain inside a secured data center?
    A. Physical security devices
    B. Interference shielding
    C. Fire suppression equipment
    D. Temperature and relative humidity
    D. Temperature and relative humidity
    (this multiple choice question has been scrambled)
  17. What process categorizes information by its sensitivity, access, protection, and regulation?
    A. Information protection
    B. Information classification
    C. Information sensitivity
    D. Information access
    Information classification
  18. What is the fire class for an electrical fire?
    A. Class D
    B. Class B
    C. Class A
    D. Class C
    D Class C
  19. What type of plan is especially important for an IT department that's located remotely from its user base, which depends on its availability to conduct all of their business functions?
    A. Disaster recovery plan (Disaster recovery plan)
    B. Contingency plan
    C. Business Continuity plan (BCP)
    D. Business impact analysis (BIA)
    A. Disaster Recovery Plan (DRP)
    (this multiple choice question has been scrambled)
  20. A user on your network receives an email advising her to visit a company's website to confirm her name, address, phone number, and account number with the company. What type of social engineering could this email likely be?
    A. Malware
    B. Social networking
    C. Piggybacking
    D. Phishing
    D. Phishing
    (this multiple choice question has been scrambled)
  21. What type of network supports a website that allows you to transfer music files to another user without passing through security measures?
    A. Malware
    B. Social Engineering
    C. Peer-to-Peer
    D. Phishing
    C. Peer-to-Peer
    (this multiple choice question has been scrambled)
  22. Which of the following concepts is most closely associated with load balancing?
    A. Computer clustering
    B. Split-brain
    C. Network resiliency
    D. Hot swap
    A. Computer clustering
    (this multiple choice question has been scrambled)
  23. When two sectors of a hard disk drive fail, what technology is able to restore the data on the failed sectors and continue providing I/O services without a system failure?
    A. load balancing
    B. RAID
    C. Failover
    D. Clustering
    B. RAID
    (this multiple choice question has been scrambled)
  24. What protocol creates a communications framework among nearby routers that is able to react when the default gateway on a network becomes unavailable to provide continuity of service?
    A. MTBF
    B. HSRP
    C. SPOF
    D. RTO
    B.HSRP
    (this multiple choice question has been scrambled)
  25. What TCP/IP layer 2 protocol is most associated with Denial-of-Service attack?
    A. ICMP
    B. SNMP
    C. DDoD
    D. TCP
    A. ICMP
    (this multiple choice question has been scrambled)
  26. What is the best defense against social engineering attacks.
    A. Anti-virus software
    B. Physical Security
    C. User Awareness
    D. Secure Gateway
    C. User Awareness
    (this multiple choice question has been scrambled)
  27. What is the general term for software designed to perform damage, destruction, nuisance, and collect personal or private information?
    A. Adware
    B. Phishing
    C. Scareware
    D. Malware
    D. Malware
    (this multiple choice question has been scrambled)
  28. In what type of attack does an attacker add an unauthorized device to a wireless network to gain access to a wired network connected to a wireless network access point?
    A. Evil Twin
    B. DoS attack
    C. Insertion attack
    B. Bluesnarfing
    C. Insertion attack
    (this multiple choice question has been scrambled)
  29. What term describes an unauthorized network access point inserted into a wireless network?
    A. Man-in-the-middle attack
    B. Active attack
    C. Rogue access point
    D. Session hijacking
    C. Rogue access point
    (this multiple choice question has been scrambled)
  30. What device is a helpful tool for network administrators for troubleshooting network issues and an attacker's tool for intercepting data packets on a network?
    A. Network access point
    B. Packet sniffer
    C. Bluetooth
    D. Internet gateway
    B. Packet Sniffer
    (this multiple choice question has been scrambled)
  31. What form of attack inserts programming code, data, formatting or commands into an existing document or file?
    A. SQL injection attack
    B. Command injection attack
    C. Code injection attack
    D. All of the above.
    D. All of the above
  32. What type of HTTP cookie remains on a user's computer between sessions with a specific website?
    A. Non-persistent cookie
    B. Persistent cookie
    C. Third-party cookie
    D. HttpOnly cookie
    B. Persistent Cookie
    (this multiple choice question has been scrambled)
  33. What must an attacker do to gain the credentialing necessary to navigate inside of a network or system?
    A. Transverse directories
    B. Access system log files
    C. Apply principle of least privilege
    D. Achieve escalation of privileges
    D. Achieve escalation of privileges
    (this multiple choice question has been scrambled)
  34. A new company employee is attempting to gain access to a primary application for her company. She has attempted to log into the application four times before giving up. The IDS system has reported this activity as an anomaly to the IT department. How should the IT security people view this report?
    A. An associational trend
    B. False Positive
    C. False negative
    D. Signature-based intrusion attempts
    B. False positive
    (this multiple choice question has been scrambled)
  35. Of the security system types that you can use to screen system activity for unauthorized events and incidents, which one will identify a potential threat and attempt to block it?
    A. MAC filtering
    B. Intrusion detection system (IDS)
    C. Protocol analyzer
    D. Intrusion prevention system (IPS)
    D. Intrusion prevention system (IPS)
    (this multiple choice question has been scrambled)
  36. After performing an audit and review of the network security policies, Tom changes the administrator account name and password, requires all users to create new strong passwords, removes all unused and unneeded user accounts, and disable all unnecessary services running on the network serves. What process has Tom just completed?
    A. Authentication
    B. Detection and prevention control
    C. Hardening
    D. Authorization
    C. hardening
    (this multiple choice question has been scrambled)

What would you like to do?

Home > Flashcards > Print Preview