64 Cards in this Set
- Front
- Back
You have been hired as a security consultant for a small company. Management is concerned about the security of their company web server due to some recent DoS attacks. They have asked you to provide them with specific procedures to follow to get the web server back online as quickly as possible if another attack occurs. Which of the following will assist in this task? |
Create an incident management document |
|
Relies on out of band key exchanges to transport keys |
Symmetric algorithms |
|
Your network has a strict security and firewall policy, and all network endpoints use NAT. You need to implement a solution that allows remote workers access to the internal network. The solution should limit configuration changes. What can be done to achieve these goals? |
Create an SSL/TLS VPN and have the remote access client use the web browser to connect to internal resources |
|
Permits or blocks network traffic based on rules |
Firewalls |
|
Targets wireless networks encrypted with WEP |
IV attacks |
|
Regulation prevents financial institutions from sharing customer information for marketing purposes |
Gramm-Leach-Bliley Act |
|
Implementation of recommended settings for apps |
Baselining |
|
Examples of risk mitigation strategies |
Permissions review; Routine audits |
|
Formula to calculate ALE |
SLE*ARO |
|
In a server room what can be used to control both the humidity and the temperature |
HVAC |
|
Type of password attack that can make use of mutations |
Hybrid attacks |
|
Used to secure packets on a VPN |
IPSec |
|
What can be used to service several network connections over an unsecure network |
VPN concentrator |
|
Example of active attack |
Configure Ettercap to redirect packets to another host |
|
You are working on segmenting a small network to adhere to the VLAN management secure network administration principle. You would like to create four VLANs, one for each company department. If all departments need to communicate with one another, which devices would you use |
One router; One layer 2 switch |
|
Your company has recently implemented a PKI. Which of the following are used within a PKI to encrypt or decrypt a message sent by one user to another? |
Private key; Public key |
|
Which secure administration principle is applied to a switch and involves providing network access based on a client computer's MAC address |
Port security |
|
Which option describes the average time a device or system is expected to last before it fails |
MTTF |
|
You need to provide a username, PIN, and a generated passcode to successfully log in to a computer. The passcode is obtained from the display of a small handheld device. Which of the following options is this an example of |
Hardware token |
|
Encryption Types: RC4 |
WEP |
|
Encryption Types: 64 Bit |
WEP |
|
Encryption Types: CCMP |
WPA2 |
|
Encryption Types: TKIP |
WPA |
|
Encryption Types: 256 bit |
WPA2 |
|
Which tool can be used to assist IT teams with administering BYOD devices in a company |
MDM software |
|
Which attack exploits application vulnerabilities between the time the vulnerability is first discovered and when a fix is provided by the application developers |
Zero day |
|
Which type of attack refers to a malicious user's ability to execute any command of their choosing on a computer by exploiting a program vulnerability |
Arbitrary code execution |
|
As a network technician within your company one of your main tasks is to gather and analyze system and network security reports. Using these reports, you are required to collaborate with your IT team to identify system and network issues and their root cause. You must also identify areas of weakness within your network that may require additional resources to avoid future issues. What action meets these requirements |
Review system and network security reports for trends |
|
Which of the following technologies is used to prevent external users from identifying the IP addressing scheme of internal clients on a network |
NAT |
|
The incident response team has responded to a security threat where an employee's computer has been infected with a virus. Following incident response procedures, during the recovery phase what should be done |
Computer should be rebuilt |
|
As a network tech within your company you have been tasked with applying changes to your corporate account management policy. You are required to ensure that users must use 20 unique passwords before an old account password can be reused. You must also ensure that their user account passwords are forced to be updated every 30 days. Which account policies should you use to meet these requirements. |
Max password age; Enforce password history |
|
Your friend configured a wireless network in his house and configured wireless encryption to secure the network. A few days later his neighbor told him he was able to access the wireless network. Which encryption type did your friend most likely configure |
WEP |
|
You have just replaced a computer in the office with a new computer. Which actions would best improve security on this computer |
Install updates; Remove services not used |
|
Can be used for protection against buffer overflow attacks |
Input validation |
|
Which type of attack refers to a malicious user impersonating another user to gain unauthorized access to computer services |
Session hijacking |
|
Which of the following disaster recovery methods is the most cost effective solution to implement |
Cold site |
|
When a user authenticates to a server multiple authentication services are used to complete the process. Which authentication service is responsible for logging user activity |
Accounting |
|
Which influence tactic creates a feeling of urgency |
Scarcity |
|
Examine the following URL: https://www.brocadero.com Describe the URL |
By default, communication with the web site will use TCP port 443; TLS/SSL will be used to secure web traffic |
|
Fire types and respective class: Wood |
Class A |
|
Fire types and respective class: Sodium |
Class D |
|
Fire types and respective class: Gas |
Class B |
|
Fire types and respective class: Electrical |
Class C |
|
As the systems administrator for your org you have been tasked with implementing a new database server. The requirements for this database server are that it must be available 24X7 with an uptime of 99% annually. Data must not be at risk of being viewed by unauthorized individuals. What security design goals will ensure the requirements are met |
Confidentiality; Availability |
|
Given the following configuration: #access-list 101 deny tcp 172.16.2.0 0.0.0.255 any eq 23; #access-list 101 permit ip any any; #interface ethernet 0; #ip access-group 101 out. What network device can be used for these configurations |
Router |
|
Which protocol provides the framework for authentication and key exchange within IPSec |
ISAKMP |
|
Which block cipher would be considered most secure |
AES |
|
You are configuring a network router to accept remote commands from admins. The communication should be secure. What should be configured? |
SSH |
|
PKI trust model: Provides extreme flexibility when designing a trust structure |
Hybrid |
|
PKI trust model: A peer to peer relationship is established between root CAs |
Bridge |
|
PKI trust model: It provides several paths to multiple root CAs and is often referenced as a web model |
Mesh |
|
PKI trust model: It contains a single root CA and is often referenced as a tree model |
Hierarchical |
|
Which hash algorithm is used with the NTLM Microsoft security protocol |
MD4 |
|
Virus Types: They mask themselves to avoid detection |
Stealth |
|
Virus Types: They are designed to be difficult to analyze |
Armored |
|
Virus Types: They change themselves to avoid detection |
Polymorphic |
|
Virus Types: They attack a system using multiple methods |
Multipartite |
|
Virus Types: They modify other programs |
Phage |
|
Virus Types: They attach themselves to a legitimate program |
Companion |
|
Which key is often used to securely distribute symmetric algorithm keys |
Session key |
|
Which concept is based on determining how much data an organization can afford to lose |
RPO |
|
You are educating company employees on security awareness. Which type of social engineering attack attempts to obtain personal info from an individual |
Phishing; Vishing |
|
You are a security admin for a company. A server was recently hacked in the company's DMZ. You want to collect the data linked to the attack as evidence. Management has informed you that you must use a method to ensure data has not been tampered with after it has been collected. Which of the following procedures can be used |
Taking hashes |
|
Which type of attack can be used to intercept and alter data that is sent between hosts |
Man in the middle |