The flashcards below were created by user lmatravel on FreezingBlue Flashcards.
-
Which of the following can a security admin implement to help identify smurf attacks?
NIDS
-
Which provides the HIGHEST level of wireless network security?
WPA2
-
Which wireless security controls can be easily and quickly circumvented using only a network sniffer
- MAC filtering
- Disabled SSID broadcast
-
Which should be considered when trying to prevent somebody from capturing network traffic
EM shielding
-
Which BEST describes the use of hiding data within other files
Steganography
-
A security admin is tasked with ensuring that all servers are highly available and that hard drive failure will not affect an individual server. Which configurations will allow for high availability?
- Hardware RAID 5
- Software RAID 1
-
While browsing the internet, an admin notices their browser behaves erratically, appears to download something, and then crashes. Upon restarting the PC, the admin notices performance is extremely slow and there are hundreds of outbound connections to various websites. Which BEST describes what has occurred?
The PC has become part of a botnet
-
Which of the following authentication services would be used to authenticate users trying to access a network device
SSH
SNMPv3
TACACS+
TELNET
TACACS+
-
In order to ensure high availability of all critical servers, backups of the main datacenter are done in the middle of the night and then the backup tapes are taken to an offsite location. Which of the following would ensure the minimal amount of downtime in the case of a disaster
Having the offsite location of tapes also be the hot site
-
Which of the following is a removable device that may be used to encrypt in a high availability clustered environment
HSM
-
Which of the following security threats does shredding mitigate?
dumpster diving
-
Based on logs from file servers, remote access systems, and IDS, a malicious insider was stealing data using a personal laptop while connected by VPN. The affected company wants access to the laptop to determine loss, but the insider's lawyer insists the laptop cannot be identified. Which of the following would BEST be used to identify the specific computer used by the insider?
MAC address
-
The detection of a NOOP sled is an indication of which of the following attacks
Buffer overflow
-
Which of the following MUST a programmer implement to prevent cross-site scripting?
Validate input to remove hypertext
-
Which of the following would be considered multifactor authentication
PIN number and a smart card
-
Isolation mode on an AP provides which of the following functionality types
Segmentation of each wireless user from other wireless users
-
Which is the MOST likely cause of a single computer communicating with an unknown IRC server and scanning other systems on the network
Botnet
-
When granting access, which of the following protocols uses multiple-challenge responses for authentication, authorization and audit
TACACS
TACACS+
LDAP
RADIUS
TACACS+
-
Which of the following is the BEST choice for encryption on a wireless network?
WPA2-PSK
-
A bulk update process fails and writes incorrect data throughout the database. Which of the following concepts describes what has been compromised?
Integrity
-
Which of the following uses tickets to identify users to the network?
Kerberos
-
Which of the following would be the BEST action to perform when conducting a corporate vulnerability assessment?
Organize data based on severity and asset value
-
Which of the following BEST describes the proper method and reason to implement port security
Apply a security control which ties specific ports to end-device MAC addresses and prevents ADDITIONAL devices from being connected to the network.
-
A technician needs to limit the wireless signal from reaching outside of a building. Which of the following actions should the technician take
Decrease the power levels on the WAP.
-
The BEST way to protect the confidentiality of sensitive data entered in a database table is to use:
hashing
-
Which of the following is seen as non-secure based on its ability to only store seven uppercase characters of data, making it susceptible to brute force attacks?
LANMAN
-
Which of the following is the MOST secure method of utilizing FTP
FTPS
-
Which of the following devices BEST allows a security administrator to identify malicious activity after it has occurred?
IDS
-
Which of the following is specific to a buffer overflow attack
Initial vector
-
Which of the following malware types is MOST commonly installed through the use of thumb drives to compromise systems and provide unauthorized access
Trojans
-
Which of the following allows a security administrator to set device traps?
SNMPS
-
NTLM is an improved and substantially backwards compatible replacement for which of the following
passwd
-
Which of the following assists in identifying if a system was properly handled during transport?
Chain of custody
-
Which of the following should be reviewed periodically to ensure a server maintains the correct security configuration?
User rights
-
A proximity card reader is used to test which of the following aspects of human authentication
Something a user has
-
Public keys are used for which of the following
Decrypting the hash of an electronic signature
-
Which of the following cloud computing concepts is BEST described as providing an easy-to-configure OS and on-demand computing for customers
Platform as a Service
-
Which of the following is an example of verifying new software changes on a test system
Patch management
-
Which of the following describes the purpose of chain of custody as applied to forensic image retention?
To provide documentation as to who has handled the evidence
-
A security administrator working for a health insurance company needs to protect customer data by installing an HVAC system and a mantrap in the datacenter. Which of the following are being addressed?
- Confidentiality
- Availability
-
Which of the following devices would allow a technician to view IP headers on a data packet?
Protocol analyzer
-
A company that purchases insurance to reduce risk is an example of which of the following
Risk transference
-
Which of the following is a management control type?
- Vulnerability scanning
- Least privilege implementation
- Baseline configuration development
- Session locks
-
Which of the following is an example of allowing another user physical access to a secured area without validation of their credentials?
Tailgating
-
A security administrator performs several war driving routes each month and recently has noticed a certain area with a large number of unauthorized devices. Which of the following attack types is MOST likely occurring?
Rogue access points
-
Applying detailed instructions to manage the flow of network traffic at the edge of the network, including allowing or denying traffic based on port, protocol, address, or direction, is an implementation of which of the following?
Firewall rules
-
Which of the following requires special handling and explicit policies for data retention and data distribution
Personally identifiable information
-
Which of the following protocols only encrypts password packets from client to server
XTACACS
TACACS
RADIUS
TACACS+
RADIUS
-
Which of the following protocols requires the use of a CA based authentication process
FTPS Implicit
FTPS explicit
MD5
PEAP-TLS
PEAP-TLS
-
If a user wishes to receive a file encrypted with PGP, the user must FIRST supply the
public key