25 Cards in this Set
- Front
- Back
- 3rd side (hint)
Which of the following fall into the category of physical security measures? (Select all that apply) |
(a) Vulnerability scanner |
(b) Hardware lock
(d) Mantrap |
|
Software that performs unwanted and harmful actions while disguised as a legitimate and useful program is also referred to as:
|
(a) Trojan horse |
(a) Trojan horse |
|
The term Trusted OS refers to an operating system:
|
(a) That has been authenticated on the network |
(c) With enhanced security features |
|
Which of the following would be the fastest in validating a digital certificate?
|
(a) IPX
(b) OSPF (c) CRL (d) OCSP |
(d) OCSP
|
|
HTTPS runs on TCP port:
|
(a) 143
(b) 80 (c) 443 (d) 137 |
(c) 443
|
|
A paper shredder would help in preventing what kind of threats? (Select all that apply)
|
(a) Social engineering
(b) Dumpster diving (c) Tailgating (d) Zero-day attack |
(a) Social engineering
(b) Dumpster diving |
|
A penetration test performed with prior knowledge of how the system to be tested works is also known as:
|
(a) White box
(b) Sandbox (c) Black box (d) White hat |
(a) White box
|
|
What type of protocols ensure the privacy of a VPN connection?
|
(a) Tunneling
(b) Telnet (c) IPv6 (d) OSPF |
(a) Tunneling
|
|
Zero-day attack exploits:
|
(a) Well-known vulnerabilities
(b) New accounts (c) Patched software coding errors (d) Vulnerability that is present in already released software but unknown to the software developer |
(d) Vulnerability that is present in already released software but unknown to the software developer
|
|
An authentication subsystem that enables a user to access multiple, connected system components (such as separate hosts on a network) after a single login at only one of the components is also referred to as:
|
(a) SSL
(b) SSO (c) WAP (d) TLS |
(b) SSO
|
|
What is tailgating?
|
(a) Manipulating a user into disclosing confidential information
(b) Gaining unauthorized access to restricted areas by following another person (c) Scanning for unsecured wireless networks while driving in a car (d) Looking over someone's shoulder in order to get information |
(b) Gaining unauthorized access to restricted areas by following another person
|
|
Which of the following are symmetric-key algorithms? (Select all that apply)
|
(a) RSA
(b) DES (c) 3DES (d) Diffie-Hellman (e) AES |
(b) DES
(c) 3DES (e) AES |
|
TCP port 22 is used by default by: (Select all that apply)
|
(a) SCP
(b) SFTP (c) SMTP (d) FTP (e) SSH |
(a) SCP
(b) SFTP (e) SSH |
|
A maximum acceptable period of time within which a system must be restored after failure is also known as:
|
(a) Mean Time Between Failures (MTBF)
(b) Mean Time To Restore (MTTR) (c) Maximum Tolerable Period of Disruption (MTPOD) (d) Recovery Time Objective (RTO) |
(d) Recovery Time Objective (RTO)
|
|
Which of the following authentication protocols offer(s) countermeasures against replay attacks? (Select all that apply)
|
(a) NTP
(b) PAP (c) Kerberos (d) CHAP |
(c) Kerberos
(d) CHAP |
|
A policy outlining ways of collecting and managing personal data is also known as:
|
(a) Data loss prevention
(b) Acceptable use policy (c) Audit policy (d) Privacy policy |
(d) Privacy policy
|
|
Which of the following solutions is used for controlling temperature and humidity?
|
(a) Faraday cage
(b) UART (c) EMI shielding (d) HVAC |
(d) HVAC
|
|
A sticky note with a password kept in sight in the user's cubicle would be a violation of which of the following policies?
|
(a) Clean desk policy
(b) Data labeling policy (c) User account policy (d) Password complexity |
(a) Clean desk policy
|
|
TCP port 23 is used by:
|
(a) SMTP
(b) TFTP (c) SSH (d) Telnet |
(d) Telnet
|
|
A chronological record outlining the persons in possession of evidence is also referred to as:
|
(a) Chain of custody
(b) Data handling chain (c) Evidence timeline (d) Information classification |
(a) Chain of custody
|
|
Which of the following acronyms refers to any type of information pertaining to an individual that can be used to uniquely identify that individual?
|
(a) PIN
(b) ID (c) Password (d) PII |
(d) PII
|
|
Which of the following terms refers to a rogue access point?
|
(a) Evil twin
(b) Computer worm (c) Backdoor (d) Trojan horse |
(a) Evil twin
|
|
A group of computers running malicious software under control of a hacker is also referred to as:
|
(a) Botnet
(b) Ethernet (c) Intranet (d) Subnet |
(a) Botnet
|
|
Which IPsec mode provides whole packet encryption?
|
(a) Host-to-host
(b) Payload (c) Tunnel (d) Transport |
(c) Tunnel
|
|
Security measures that can be applied to mobile devices include: (Select all that apply)
|
(a) Load balancing
(b) Remote sanitation (c) Quality of Service (QoS) (d) Encryption and passwords (e) Voice encryption |
(b) Remote sanitation
(d) Encryption and passwords (e) Voice encryption |