Chapter 6, 7, 8, 9, 10, and 11 Unit 02 Exam – Flashcards
Unlock all answers in this set
Unlock answersquestion
Each optional feature is found on most mobile devices EXCEPT _____.
answer
operating system
question
What is considered the biggest vulnerability related to portable devices?
answer
Portability
question
A centralized directory of digital certificates is called a(n) _____.
answer
Certificate Repository (CR)
question
Which of the following is a security flaw in the WPS PIN method?
answer
No lockout limit
question
Which type of device log contains the most beneficial security data?
answer
firewall log
question
Which authentication protocol is available as a free download that runs on Microsoft Windows, Apple Mac OS X, and Linux?
answer
Kerberos
question
What is the value of a checksum?
answer
Verification of integrity
question
Each of these is a technique for securing a router EXCEPT _____.
answer
making all configuration changes remotely
question
Which of the following is a value that never changes in a WEP transmission?
answer
24-bit IV
question
Which of these is NOT part of the makeup of the AAA elements in network security?
answer
determining user need (analyzing)
question
How does MAM initially manage apps by restricting parts of an app?
answer
App wrapping
question
A Unified Threat Management Security Appliance can provide all of the following EXCEPT what?
answer
Internal port mirroring
question
Where does a web-based computer store user files?
answer
on the Internet
question
What does an organization accomplish using least privilege?
answer
Limiting attack surface
question
Which of the following is a threat vector associated with mobile devices?
answer
Unused features
question
Bob has attempted to enter the passcode for his mobile device but keeps entering the wrong code. Now he is asked to enter a special phrase to continue. This means that Bob's mobile device is configured to _____.
answer
reset to factory settings
question
On Windows systems, a security identifier is a unique variable directly linked to which of the following?
answer
Integrity level
question
When using FTP active mode, which command is sent to the server?
answer
PORT
question
A(n) _____ intercepts internal user requests and then processes those requests on behalf of the users.
answer
proxy server
question
How are TLS and SSL currently different in regards to security?
answer
TLS v1.2 is considered more secure than any version of SSL
question
Which of the following is NOT a security concern of virtualized environments?
answer
Virtual servers are less expensive than their physical counterparts.
question
Where is a NIPS generally located?
answer
In a firewall
question
What is the unauthorized access of information from a wireless device through a Bluetooth connection called?
answer
bluesnarfing
question
What technology would prohibit a client from connecting to the network due to an out-of-date antivirus?
answer
NAC
question
Public key infrastructure (PKI) _____.
answer
is the management of digital certificates
question
A preshared key (PSK) of fewer than _____ characters may be subject to an attack if that key is a common dictionary word.
answer
20
question
A multipurpose security device is known as _____.
answer
Unified Threat Management (UTM)
question
Which of these Wi-Fi Protected Setup (WPS) methods is vulnerable?
answer
PIN method
question
Where are private keys NOT stored?
answer
Within digital certificates
question
A _____ watches for attacks and sounds an alert only when one occurs.
answer
network intrusion detection system (NIDS)
question
Which technology can prevent DNS poisoning in a DNS namespace?
answer
BIND
question
If a service account is used by an automated system to create and delete files based on certain criteria, that service account is an example of which of the following?
answer
Subject
question
Which of the following could make an entire POP server inaccessible?
answer
A missing MX record
question
What is the primary purpose of an event log of a system?
answer
To provide accounting for an occurrence
question
Which version of Simple Network Management Protocol (SNMP) is considered the most secure?
answer
SNMPv3
question
WPAs MIC is a mathematical function that can potentially drop packets and can prevent which of the following from occurring?
answer
Man-in-the-middle attacks
question
What is the version of the X.500 standard that runs on a personal computer over TCP/IP?
answer
LDAP
question
A user entering her user name would correspond to the _____ action in access control.
answer
identification
question
What prevents a mobile device from being used until the user enters the correct passcode?
answer
lock screen
question
Which of these would NOT be a valid Internet Control Message Protocol (ICMP) error message?
answer
Router Delay
question
A(n) _____ can identify the application that send packets and then make decisions about filtering based on it
answer
application-aware firewall
question
Which of the following is a limitation of a layer 2 switch compared to a layer 3 switch?
answer
A layer 2 switch cannot pass traffic based on network destination
question
Which of the following does a digital certificate NOT contain?
answer
Serial number of the digital certificate
question
The -party trust model supports CA.
answer
third
question
Digital certificates can be used for each of these EXCEPT _____.
answer
to verify the authenticity of the Registration Authorizer
question
PKI consists of all of the following EXCEPT what?
answer
Practices
question
How does a bus mastering feature allow a CardBus to be more efficient when accessing data?
answer
Communicating with devices without the CPU
question
What is the primary weakness of wired equivalent privacy (WEP)?
answer
Its usage creates a detectable pattern.
question
Why is DAC considered a weaker defense than MAC?
answer
DAC relies on the end-user to secure data
question
AES-CCMP is the encryption protocol standard used in _____.
answer
WPA2
question
The strongest technology that would assure Alice that Bob is the sender of a message is a(n) _____.
answer
digital certificate
question
How does FTP transfer data?
answer
Using TCP port 20
question
On which of the following devices is IPsec likely to be implemented?
answer
Router
question
What is the current version of TACACS?
answer
TACACS+
question
What is one reason Android devices are considered to be at a higher security risk than iOS devices?
answer
Android apps can be sideloaded.
question
Which of the following is NOT an example of an NFC vulnerability?
answer
DNS poisoning
question
A Windows-based ACE includes an access mask that specifies the access rights guarded by the ACE. When is this mask used to request access rights?
answer
When an object is opened
question
Where did QR codes originally come from and for which industry?
answer
Automotive industry in Japan
question
Which of the following is a security vulnerability associated with MAC address filtering?
answer
Exchange between devices is unencrypted
question
How does network address translation (NAT) improve security?
answer
It discards unsolicited packets.