Chapter 10 Flashcard Answers
Unlock all answers in this set
Unlock answersquestion
You have just downloaded a file. You create a hash of the file and compare it to the hash posted on the Web site. The two hashes match. What do you know about the file
answer
Your copy is the same as the copy posted on the website.
question
Which of the following is the strongest hashing algorithm
answer
SHA-1
question
Which of the following best describes high amplifications when applied to hashing algorithms
answer
A small change in the message results in a big change in the hash value.
question
Which of the following is the weakest hashing algorithm
answer
MD-5
question
When two different messages produce the same hash value, what has occurred
answer
Collision
question
Hashing algorithms are use to perform what activity
answer
Create a message digest
question
Your company system is a participant in an asymmetric cryptography system. You've crafted a message to be sent another user. Before transmission, you hash the message, then encrypt the hashing using your private key. You then attach this encrypted hash to your message as a digital signature before sending it to the other user. In this example, what protection does the hashing activity provide
answer
Integrity
question
Which of the following is used to verify that a downloaded file has not been altered
answer
Hash
question
By definition, which security concept uses the ability to prove that a sender sent an encrypted message
answer
Non-repudiation
question
You create a new document and save it to a hard drive on a file server on your company's network. Then, you employ an encryption tool to encrypt the file using AES. This activity is an example of accomplishing what security goal
answer
Confidentiality
question
By definition, which security concept ensures that only authorized parties can access data
answer
Confidentiality
question
What is the cryptography mechanism which hides secret communications within various forms of data
answer
Steganography
question
Which of the following encryption methods combines a random value with the plaintext to produce the cipher text
answer
One-time pad
question
By definition, which security concept uses the ability to prove that a sender sent an encrypted message
answer
Non-repudiation
question
Which of the following is not a valid example of steganography
answer
Encrypting a data file with an encryption key
question
When a cryptographic system is used to protect confidentiality of data, what is actually protected
answer
Unauthorized users are prevented from viewing or accessing the resource.
question
What form of cryptography is best suited for bulk encryption because it is so fast
answer
Symmetric key cryptography
question
Which of the following is not true concerning symmetric key cryptography
answer
Key management is easy when implemented on a large scale.
question
Which of the following algorithms are used in symmetric encryption (Select three.)
answer
Blowfish, AES, 3DES
question
What type of key or keys are used in symmetric cryptography
answer
A shared private key
question
Which of the following is the weakest symmetric encryption method
answer
DES
question
You want to encrypt data on a removable storage device. Which encryption method would you choose to use the strongest method possible
answer
AES
question
How many keys are used with symmetric key cryptography
answer
One
question
Which of the following is used for secure exchange of symmetric encryption keys
answer
Diffie-Hellaman
question
Which of the following algorithms are used in asymmetric encryption (Select two.)
answer
Diffie-Hellman, RSA
question
Which of the follow are characteristics of ECC (Select two.)
answer
Asymmetric encryption, Uses a finite set of values within an algebraic field.
question
A receiver wants to verify the integrity of a message received from a sender. A hashing value is contained within the digital signature of the sender. What must the receiver use to access the hashing value to the verify the integrity of the transmission
answer
Sender's public key
question
How many keys are used with asymmetric or public key cryptography
answer
Two
question
Above all else, what must be protect to maintain the security and benefit of a asymmetric cryptographic solution, especially if it is widely used for digital certificates
answer
Private keys
question
In the certificate authority trust model known as hierarchy, where does trust start
answer
Root CA
question
Which aspect of certificates makes them a reliable and useful mechanism for providing the identity of a person, system, or service on the Internet
answer
Trusted third-party
question
Which of the following is the employment of two separate key pairs in order to separate the security functions of confidentiality and integrity in a communication system
answer
Dual key pair
question
Certificates can be invalidated by the trusted third-party that originally issued the certificate. What is the name of the mechanism that is used to distribute information about invalid certificates
answer
CRL
question
A PKI is a method for managing which type of encryption
answer
Asymmetric
question
Which of the following protocols are most likely used with digital signatures (Select two.)
answer
ECC, RSA
question
Which of the following defines a method for one CA hierarchy to accept certificates issued by another CA hierarchy
answer
Trusted model
question
What is the purpose of key escrow
answer
To provide a means to recover from a lost private key
question
Which of the following is an entity that accepts and validates information contained within a request for certificate
answer
Registration authority
question
What is a PKI
answer
A hierarchy of computers for issuing certificates
question
What is the most obvious means of providing non-repudiation in a cryptography system
answer
Digital signatures
question
Which of the following items are contained in a digital certificate
answer
Validity period, public key
question
Which of the following identifies someone who can retrieve private keys from storage
answer
Recovery agent
question
Which of the following generates the key pair used in asymmetric cryptography
answer
CSP
question
Which of the following conditions does not result in a certificate being added to the certificate revocation list
answer
Certificate expiration
question
Which of the following is a direct protection of integrity
answer
Digital signature
question
In what form of key management solution is key recovery possible
answer
Centralized
question
Which of the following would you find on a CPS
answer
A declaration of security that the organization is implementing for all certificates
question
Which of the following best describes the content of the CRL
answer
A list of all revoked certificates
question
Which of the following defines a method for one CA hierarchy to accept certificates issued by another CA hierarchy
answer
Trusted model
question
Certificate revocation should occur under all but which of the following conditions
answer
The certificate owner has held the certificate beyond the established lifetime timer
question
Which of the following security measures encrypts the entire contents of a hard drive
answer
Drive Lock
question
You want to protect data on hard drives for users with laptops. You want to drive to be encrypted, and you want to prevent the laptops from booting unless a special USB drive is inserted. In addition, the system should not boot if a change is detected in any of the boot files. What should you do
answer
Implement BitLocker with a TPM
question
To obtain a digital certificate and participate in a Public Key Infrastructure (PKI), what must be submitted and where should it be submitted
answer
Identify data and a certification request to the registration authority (RA)
question
You want to implement BitLocker to encrypt data on a hard disk even if it is moved to another system. You want the system to boot automatically without providing a startup key on an external USB device. What should you do
answer
Enable the TPM in the BIOS
question
You have lost the private key that you have used to encrypt files. You need to get a copy of the private key to open some encrypted files. Who should you contact
answer
Recovery agent
question
Which of the following would require that a certificate be placed on the CRL
answer
The private key is compromised.
question
Which of the following is the best countermeasure for man-in-the-middle attacks
answer
Public Key Infrastructure (PKI)
question
What action is taken when the private key associated with a digital certificate becomes compromised
answer
The certification is revoked and added to the Certificate Revocation List
question
When a sender encrypts a message using their own private key, what security service is being provided to the recipient
answer
Non-repudiation
question
You want a security solution that protects the entire hard drive, preventing access even when it is moved to another system. Which solution would you choose
answer
BitLocker
question
A private key has been stolen. What action should be taken to deal with this crisis
answer
Add the digital certificate to the CRL
question
Mary wants to send a message to Sam. She wants to digitally sign the message to prove that she sent it. Which key would Mary use to create the digital signature
answer
Mary's private key
question
You are concerned that if a private key is lost, all documents encrypted using your private key will be inaccessible. Which service should you use to solve this problem
answer
Key escrow
question
Which of the following statements is true when comparing symmetric and asymmetric cryptography
answer
Asymmetric key cryptography is used to distribute symmetric keys.
question
What technology was developed to help improve the efficiency and reliability of checking the validity status of certificates in large complex environments
answer
Online Certificate Status Protocol
question
You have a Web server that will be used for secure transactions for customers who access the Web site over the Internet. The Web server requires a certificate to support SSL. Which method would you use to get a certificate for the server
answer
Obtain a certificate from a public PKI
question
Mary wants to send a message to Sam so the only Sam can read it. Which key would be used to encrypt the message
answer
Sam's public key
question
An SSL client has determined that the Certificate Authority (CA) issuing a server's certificate is on its list of trusted CAs. What is the next step in verifying the server's identity
answer
The CA's public key must validate the CA's digital signature on the server certificate
question
What is the main function of a TPM hardware chip
answer
Generate and store cryptographic keys
question
You used BitLocker to encrypt the hard drive of a laptop. The laptop stores the startup key in the TPM, and a PIN is also required to start the system. Because of a hardware failure, the system will not boot. You want to gain access to the data on the hard drive. What should you do
answer
Move the hard drive to another system. Use the recovery key to unlock the disk.
question
When a sender encrypts a message using their own private key, what security service is being provided to the recipient
answer
Non-repudiation
question
When protection of the content of a message is required, which of the following cryptography solution should be employed
answer
Symmetric encryption
question
Which of the following security would prevent a user from reading a file which she did not create
answer
EFS
question
Which of the following functions are performed by the TPM
answer
Create a hash of system components
question
Which of the following network layer protocols provides authentication and encryption services of IP based network traffic
answer
IPSec
question
Which protocol is used for securely browsing a Web site
answer
HTTPS
question
Which IPSec sub protocol provides data encryption
answer
Encapsulating Security Payload (ESP)
question
You are purchasing a hard disk over the Internet from an online retailer. What does your browser use to ensure the other cannot see your credit card number on the Internet
answer
SSL
question
Which of the following can be used to encrypt Web, e-mail, telnet, file transfer, and SNMP traffic
answer
IPSec (Internet protocol security)
question
Which of the following technologies is based upon SSL (Secure Socket Layer)
answer
TLS (Transport Layer Security)
question
Which of the following is the best countermeasure against man-in-the-middle attacks
answer
IPSec
question
You want to allow traveling users to connect to your private network through the Internet. Users will connect from various locations including airports, hotels, and public access points such as coffee shops and libraries. As such, you won't be able to configure the firewalls that might be controlling access to the Internet in these locations.
answer
SSL
question
Which of the following protocols can TLS for key exchange (Select two.)
answer
RSA, Diffie- Hellman
question
Telnet is inherently insecure its communications is in plain text and easily intercepted. Which of the following is an acceptable alternative to Telnet
answer
SSH
question
Which protocol does HTTPS use to offer greater security in Web transactions
answer
SSL
question
IPSec is implemented through two separate protocols. What are these protocols called (Select two.)
answer
ESP, AH
question
The session keys employed by SSL (Secure Socket Layer) are available in what bit lengths
answer
128 bit and 40 bit
question
What s the primary function of the IKE protocol use with IPSec
answer
Create a security association between communicating partners
question
Which of the following protocols are often added to other protocols to provide secure transmission of data
answer
SSL, TLS
question
Which of the following protocols can be used to securely manage a network device from a remote connection
answer
SSH
question
Which protocol is used for securely browsing a Web site
answer
HTTPS
question
Which of the following is defined as a contract which prescribes the technical support or business parameters that a provider will bestow to its clients
answer
Service level agreement
question
What is the most effective means of improving or enforcing security in any environment
answer
User awareness training
question
Which type of media preparation is sufficient for media that will be reused in a different security context within your organization
answer
Sanitization
question
You have purchased new computers and will be disposing of your old computers. Instead of recycling the computers, you decide to resell them through a local liquidator. Computers were previously not used for storing sensitive information. What should you do prior to getting rid of the computers
answer
Sanitize the hard drives
question
Which of the following activities assigns a security level to different types of data
answer
Information classification
question
Which of the following is not part of security awareness training
answer
Employee agreement documents.
question
As you are helping a user with a computer problem you notice that she has written her password on a note stuck to her computer monitor. You check the password policy of your company and find that the following settings are currently required: ...........Which of the following is best action to take to make remember passwords easier so that she no longer has to write the password down
answer
Implement end-user training
question
A service level agreement (SLA) defines the relationship between, and the contractual responsibilities of providers and recipients of service. Which of the following characteristics are most important when designing an SLA (Select two)
answer
Clear and detailed description of penalties if the level of service is not provided. Detailed provider responsibilities for continuity and disaster recovery mechanisms.
question
Which of the following defines an acceptable use agreement
answer
An agreement which identifies the employees rights to use company property such as Internet access and computer equipment for personal use.
question
When developing the totality of security policy documentation, what type of document will contain instructions or information on remaining compliance with regulations and industry standards
answer
Standards
question
Over the last month you have noticed a significant increase in the occurrence of inappropriate activities performed by employees. What is the best first response step to take in order to improve or maintain the security level of the environment
answer
Improve and hold new awareness sessions
question
Which of the following is not an example of a service level agreement
answer
Security policy design
question
When informing an employee that they are being terminated, what is the most important activity
answer
Disabling their network access
question
If an organization shows sufficient due care, which burden is eliminated in the event of a security breach
answer
Negligence
question
Which of the following are typically associated with human resource security policies (Select two)
answer
Termination, Background checks
question
Which of the following is not used to oversee and/or improve the security performance of employees
answer
Exit interviews
question
A code of ethics provides for all but which of the following
answer
Clearly defines course of action to take when a complex issue is encountered.
question
You have a set of DVD-RW discs that have been used to archive files for your latest development project. You need to dispose of the discs. Which of the following methods should you use to best prevent extracting data from the discs
answer
Shredding
question
What is the primary countermeasure to social engineering
answer
Awareness
question
What is the primary purpose of forcing employees to take mandatory on-week minimum vacations every-year
answer
To check for evidence of fraud
question
What is the most common failure of a security policy in an environment
answer
Lack of user awareness
question
Which of the following is a policy that defines appropriate activities and usage for company resources, assets, and communications
answer
Acceptable use policy
question
Who is responsible for performing the steps of the business continuity plan or disaster recovery plain in the event of an emergency
answer
Recovery team
question
A disaster recovery plan should include all but which of the following
answer
Penetration testing
question
When a recovery is being performed due to a disaster, what services are to be stabilized first
answer
Mission critical
question
In business continuity planning, what is the primary focus of the scope
answer
Business processes
question
What is the primary goal of business continuity planning
answer
Maintaining business operations with reduced or restricted infrastructure capabilities or resources
question
Which of the following network strategies connects multiple servers together such that if one server fails, the others immediately take over its tasks, preventing a disruption in service
answer
Clustering
question
Which of the following disk configurations can sustain a loss of any two disks
answer
RAID 1+0
question
You manage the website for your company. The Web 1 server hosts the website. This server has the following configuration:..........Which component is a single point of failure for the website
answer
Disk Controller
question
What is an advantage of RAID 5 over RAID 1
answer
RAID 5 improves performance over RAID 1
question
To prevent server downtime, which of the following components should be installed redundantly in a server system
answer
Power supply
question
You have a computer with three hard disks.............Disk 2 fails. Which of the following is true
answer
Data on the RAID 1 volume is accessible; data on the RAID 0 volume is not.
question
When returning to the rebuilt primary site, the salvage team will restore or return what process first.
answer
Least business-critical
question
Daily backups are done at the ABD company location and only a weekly backup is maintained at another network location. Which of the following disaster recovery strategies is ABD using
answer
Warm site
question
Which of the following is a recovery site that may have electricity connected, but there are no servers installed and no high-speed data lines present
answer
Cold site
question
You manage a Web site for your company. The Web site three servers configured in a cluster. Incoming requests are distributed automatically between the three servers. All servers use a shared storage device that holds the website contents. Each server has a single network connection and a single power supply. Considering the availability of your website, which component represents a single point of failure
answer
Website storage
question
You manage the website for your company. The website uses clusters of two servers with a single shared storage device. The shared storage device uses a RAID 1 configuration. Each server has a single connection to the shared storage, and a single connection to your ISP. You want to provide redundancy such that a failure in a single component does not cause the website to be unavailable. What should you add to your configuration to accomplish this
answer
Connect one server through a different ISP to the Internet.
question
What is the primary security feature that can be designed into a network's infrastructure to protect and support availability
answer
Redundancy
question
If your mission critical services have a maximum tolerable downtime (MTD) (or a recovery time objective (RTO)) of 36 hours, what would be the optimum form of recovery site you should choose
answer
Warm
question
Which form of alternate site is the cheapest but my not allow an organization to recover before reaching their maximum tolerable downtime
answer
Reciprocal agreement
question
You have been asked to implement a RAID 5 solution for RAID 5 solution for your network. What is the minimum number of hard disks that can be used to configure RAID 5
answer
3
question
Which of the following drive configuration is fault tolerant
answer
RAID 5
question
When should a hardware device be replaced in order to minimize downtime
answer
Just before it's a MTBF is reached
question
You have been asked to deploy a network solution that requires an alternate location where operational recovery is provided within minutes of a disaster. Which of the following strategies would you choose
answer
Hot site
question
To increase your ability to recover from a disaster, where should you store backup tapes
answer
At the vice president's home
question
Which of the following are backed up during an incremental backup
answer
Only files that have changed since the last full or incremental backup.
question
What does a differential backup do during the backup
answer
Back up all files with the archive bit set; does not reset the archive bit
question
Your network uses the following backup strategy: full backup every Sunday night, Incremental backups Monday through Saturday nights. Thursday morning the storage system fails. How many restore operations will you need to perform to recover all the data
answer
4
question
Your network performs a full back every night. Each Sunday, the previous night's backup tape is archived. Wednesday morning the storage system fails. How many restore operations will you need to perform to recover all the data
answer
1
question
A system failure has occurred. Which of the following restoration process would result in the fastest restoration of all data t its most current state
answer
Restore the full backup and the last differential backup.
question
You organization uses the following tape rotation strategy for its backup tapes: 1. The first set of tapes is used for daily backups 2. At the end of each week, the latest daily backup tape is promoted to be the weekly backup tape 3. At the end of the each month, one of the weekly backup tapes is promoted to be the monthly backup tape. What kind of backup ration strategy is being used
answer
Grandfather
question
Even if you perform regular backups, what must be done to ensure that you are protected against data loss
answer
Regularly test restoration procedures
question
Which backup strategy backsup all files from a computer's file system regardless of whether the file's archive bit is set or not and marks them as having been backed up
answer
Full
question
What does an incremental backup do during the backup
answer
Backs up all file with the archived bit set; resets the archive bit.
question
Why should backup media be stored offsite
answer
To prevent the same disaster from affecting the both network and the backup media.
question
Which of the following are backed up during a differential backup
answer
Only file that have changed since the last full backup.
question
The disaster recovery plan calls for having tape backups stored at a different location. The location is a safe deposit box at the local back. Because of this, the disaster recovery plan specifies to choose a method that uses the fewest tapes, but is also quick to back up and restore files. Which backup strategy would best meet the disaster recovery plan for tape backups
answer
Perform a full backup once a week with a differential backup the other days of the week.
question
Your network uses the following backup strategy: Full backup every Sunday night, Differential backup Monday through Saturday nights. Thursday morning the storage system fails. How many restore operations will you need to perform to recover all the data
answer
2
question
Which backup strategy backs up only files which have the archive bit set, but does not mark them as having backed up
answer
Differential
question
Which of the following is the least effective power loss protection for computer systems
answer
Surge protector
question
Which of the following fire extinguisher types poses a safety risk to users in the area (Select tow)
answer
Halon, C02
question
You maintain the network for an industrial manufacturing company. You are concerned about the dust in the area into server components and affecting the availability of the network. Which of the following should you implement
answer
Positive pressure system
question
Which of the following fire extinguisher suppressant types is best use for electrical fires that might result when working with computer components
answer
Carbon dioxide (CO2)
question
Besides protecting a computer from under voltages, typical UPS also performs which two actions
answer
Protects from over voltages, Conditions the power signal
question
Users are complaining that sometimes network communications are slow. You use a protocol analyzer and find that packets are being corrupted as they pass through a switch. You also notice that this only seems to happen when the elevator is running. What should you do
answer
Install shielded cables near the elevator
question
What is the recommended humidity level for a server rooms
answer
50%
question
You're responsible for implementing network cabling in a new Gigabit Ethernet network installation. The cabling will be installed in a manufacturing environment where there is a great deal of electromagnetic interference (EMI). Which type of cabling would operate best in this environment (Choose two.)
answer
Category 5 shielded twisted pair cable, Fiber-optic cable
question
You walk by the server room and notice a fire has started. What should you do first
answer
Make sure everyone has cleared the area.
question
Components within your server room are failing at rapid pace. You discover that the humidity in the server room is at 60% and the temperature is at 80 degrees. What should you do the help reduce problems
answer
Add a separate A/C unit in the server room
question
Which of the following statements about ESD is not correct
answer
ESD is more likely to occur when the relative humidity is above 50%
question
Of the following cables, which offer the best protection against EMI
answer
Single mode fiber optic cable
question
Which of the following fire extinguishers types is best for electrical fires that might result when working with computer components
answer
Class C
question
Which of the following is not a form of social engineering
answer
Impersonating a user by logging on with stolen credentials
question
Dumpster diving is a low-tech mean of gathering information that may be useful in gaining unauthorized access, or as a starting point for more advanced attacks. How can a company reduce the risk associated with dumpster diving
answer
Establish and enforce a document destruction policy
question
Which of the following is a form of attack that tricks victims into providing confidential information, such as identity information or logon credentials, through e-mails or Web sites that impersonate an online entity that the victim trusts, such as a financial institution or well known e-commerce site
answer
Phishing
question
What is the primary difference between impersonating and masquerading
answer
One is more active, the other is more passive
question
Which of the following is a common form of social engineering attack
answer
Hoax virus information e-mails.
question
Which of the following are examples of social engineering (Select two)
answer
Shoulder surfing, Dumpster diving
question
You have just received a generic-looking e-mail that is addressed as coming from the administrator of your company. The e-mail says that as part of a system upgrade, you are to go to a Web site and enter your username and password at a new Web site so you can manage your e-mail and spam using new services. What should you do
answer
Verify that e-mail was sent by the administrator and that this new service is legitimate.
question
What is the primary countermeasure to social engineering
answer
Awareness
question
How can organization help prevent social engineering attacks (Select two)
answer
Publish and enforce clearly-written security polices, Educate employees on the risk and countermeasures
question
On your way into the back entrance of the building at work one morning, a man dressed as a plumber ask you to let him in so he can "fix the restroom." What should you do
answer
Direct him to the front entrance and to check in with the receptionist.
question
A senior executive reports that she received a suspicious email concerning a sensitive, internal project that is behind productions. The email is sent from someone she doesn't know and he is asking for immediate clarification on several of project's detail so the project can get back on schedule. What type of an attack best describes the scenario
answer
Whaling
question
Which of the following social engineering attacks use Voice over IP (VoIP) to gain sensitive information
answer
Vishing
question
How can an organization help prevent social engineering attacks (Select two)
answer
Publish and enforce clearly-written security policies, Educate employees on the risk and countermeasures
question
When duplicating a drive for forensic investigation purposes, which of the following copying methods is most appropriate
answer
Bit-level cloning
question
You have discovered a computer that is connected to your network that was used for an attack. You have disconnected the computer form the network to isolate it from the network and stop the attack. What should you do next
answer
Perform a memory dump
question
The immediate preservation of evidence is paramount when conducting a forensic analysis. Which of the following actions is most likely to destroy critical evidence
answer
Rebooting the system
question
You want to store your computer-generated audits logs in case they are needed in the future examination or to be used as evidence in the event of a security incident. Which method can you use to ensure that the logs you put in storage have not been altered when you go to use them in the future
answer
Create a hash of each log.
question
During a recent site survey, you find a rouge wireless access point on your network. Which of the following actions should you take first to protect your network, while still preserving evidence
answer
Disconnect the access point from the network
question
When conducting a forensic investigation, and assuming that the attack has been stopped, which of the following actions should you perform first
answer
Document what's on screen
question
The chain of custody is used for what purposes
answer
Listing people coming into contact with evidence
question
You have been asked to draft a document related to evidence gathering that contains details about personnel in possession and control of evidence from the time of discovery up through the time of presentation in court. What type of document is this
answer
Chain of custody
question
Which of the following is an important aspect of evidence gathering
answer
Backing up all log files and audit trails
question
If maintaining confidentiality is of the utmost importance to your organization, which is the best response when an intruder is detected on your network
answer
Disconnect the intruder
question
You manage the network for your company. You have recently discovered information on a computer hard drive that might indicate evidence of illegal activity. You want to perform forensic activates on the disk to see what kind of information it contains. What should you do first
answer
Make a bit-level copy of the disk
question
After an intrusion has occurred and the intruder has been removed from the system, which of the following is the best next step or action to take
answer
Back up all logs and audits regarding the incident
question
You have recently discovered that a network attack has compromised your database server. In the process, customer credit card numbers might have been taken by the attacker. You have stopped the attack and put measures in place to prevent the same incident from occurring in the future. What else might you be legally required to do
answer
Contact your customer to let them know of the security breach
question
How can a criminal investigator ensure the integrity of a removable media device found while collecting evidence
answer
Create a checksum using a hashing algorithm
question
Which method can be use to verify that a bit-level image copy of a hard drive is an exact clone of the original hard drive collected as evidence
answer
Hashing
question
What is the most important element related to evidence in addition to the evidence itself
answer
Chain of custody document
