Chapter 6, 7, 8, 9, 10, and 11 Unit 02 Exam – Flashcards
60 test answers
Unlock all answers in this set
Unlock answers 60question
Which type of device log contains the most beneficial security data?
answer
firewall log
Unlock the answer
question
Which authentication protocol is available as a free download that runs on Microsoft Windows, Apple Mac OS X, and Linux?
answer
Kerberos
Unlock the answer
question
What is the value of a checksum?
answer
Verification of integrity
Unlock the answer
question
Each of these is a technique for securing a router EXCEPT _____.
answer
making all configuration changes remotely
Unlock the answer
question
Which of the following is a value that never changes in a WEP transmission?
answer
24-bit IV
Unlock the answer
question
Which of these is NOT part of the makeup of the AAA elements in network security?
answer
determining user need (analyzing)
Unlock the answer
question
How does MAM initially manage apps by restricting parts of an app?
answer
App wrapping
Unlock the answer
question
A Unified Threat Management Security Appliance can provide all of the following EXCEPT what?
answer
Internal port mirroring
Unlock the answer
question
Where does a web-based computer store user files?
answer
on the Internet
Unlock the answer
question
What does an organization accomplish using least privilege?
answer
Limiting attack surface
Unlock the answer
question
Which of the following is a threat vector associated with mobile devices?
answer
Unused features
Unlock the answer
question
Bob has attempted to enter the passcode for his mobile device but keeps entering the wrong code. Now he is asked to enter a special phrase to continue. This means that Bob's mobile device is configured to _____.
answer
reset to factory settings
Unlock the answer
question
On Windows systems, a security identifier is a unique variable directly linked to which of the following?
answer
Integrity level
Unlock the answer
question
When using FTP active mode, which command is sent to the server?
answer
PORT
Unlock the answer
question
A(n) _____ intercepts internal user requests and then processes those requests on behalf of the users.
answer
proxy server
Unlock the answer
question
How are TLS and SSL currently different in regards to security?
answer
TLS v1.2 is considered more secure than any version of SSL
Unlock the answer
question
Which of the following is NOT a security concern of virtualized environments?
answer
Virtual servers are less expensive than their physical counterparts.
Unlock the answer
question
Where is a NIPS generally located?
answer
In a firewall
Unlock the answer
question
What is the unauthorized access of information from a wireless device through a Bluetooth connection called?
answer
bluesnarfing
Unlock the answer
question
What technology would prohibit a client from connecting to the network due to an out-of-date antivirus?
answer
NAC
Unlock the answer
question
Public key infrastructure (PKI) _____.
answer
is the management of digital certificates
Unlock the answer
question
A preshared key (PSK) of fewer than _____ characters may be subject to an attack if that key is a common dictionary word.
answer
20
Unlock the answer
question
A multipurpose security device is known as _____.
answer
Unified Threat Management (UTM)
Unlock the answer
question
Which of these Wi-Fi Protected Setup (WPS) methods is vulnerable?
answer
PIN method
Unlock the answer
question
Where are private keys NOT stored?
answer
Within digital certificates
Unlock the answer
question
A _____ watches for attacks and sounds an alert only when one occurs.
answer
network intrusion detection system (NIDS)
Unlock the answer
question
Which technology can prevent DNS poisoning in a DNS namespace?
answer
BIND
Unlock the answer
question
If a service account is used by an automated system to create and delete files based on certain criteria, that service account is an example of which of the following?
answer
Subject
Unlock the answer
question
Which of the following could make an entire POP server inaccessible?
answer
A missing MX record
Unlock the answer
question
What is the primary purpose of an event log of a system?
answer
To provide accounting for an occurrence
Unlock the answer
question
Which version of Simple Network Management Protocol (SNMP) is considered the most secure?
answer
SNMPv3
Unlock the answer
question
WPAs MIC is a mathematical function that can potentially drop packets and can prevent which of the following from occurring?
answer
Man-in-the-middle attacks
Unlock the answer
question
What is the version of the X.500 standard that runs on a personal computer over TCP/IP?
answer
LDAP
Unlock the answer
question
A user entering her user name would correspond to the _____ action in access control.
answer
identification
Unlock the answer
question
What prevents a mobile device from being used until the user enters the correct passcode?
answer
lock screen
Unlock the answer
question
Which of these would NOT be a valid Internet Control Message Protocol (ICMP) error message?
answer
Router Delay
Unlock the answer
question
A(n) _____ can identify the application that send packets and then make decisions about filtering based on it
answer
application-aware firewall
Unlock the answer
question
Which of the following is a limitation of a layer 2 switch compared to a layer 3 switch?
answer
A layer 2 switch cannot pass traffic based on network destination
Unlock the answer
question
Which of the following does a digital certificate NOT contain?
answer
Serial number of the digital certificate
Unlock the answer
question
The -party trust model supports CA.
answer
third
Unlock the answer
question
Digital certificates can be used for each of these EXCEPT _____.
answer
to verify the authenticity of the Registration Authorizer
Unlock the answer
question
PKI consists of all of the following EXCEPT what?
answer
Practices
Unlock the answer
question
How does a bus mastering feature allow a CardBus to be more efficient when accessing data?
answer
Communicating with devices without the CPU
Unlock the answer
question
What is the primary weakness of wired equivalent privacy (WEP)?
answer
Its usage creates a detectable pattern.
Unlock the answer
question
Why is DAC considered a weaker defense than MAC?
answer
DAC relies on the end-user to secure data
Unlock the answer
question
AES-CCMP is the encryption protocol standard used in _____.
answer
WPA2
Unlock the answer
question
The strongest technology that would assure Alice that Bob is the sender of a message is a(n) _____.
answer
digital certificate
Unlock the answer
question
How does FTP transfer data?
answer
Using TCP port 20
Unlock the answer
question
On which of the following devices is IPsec likely to be implemented?
answer
Router
Unlock the answer
question
What is the current version of TACACS?
answer
TACACS+
Unlock the answer
question
What is one reason Android devices are considered to be at a higher security risk than iOS devices?
answer
Android apps can be sideloaded.
Unlock the answer
question
Which of the following is NOT an example of an NFC vulnerability?
answer
DNS poisoning
Unlock the answer
question
A Windows-based ACE includes an access mask that specifies the access rights guarded by the ACE. When is this mask used to request access rights?
answer
When an object is opened
Unlock the answer
question
Where did QR codes originally come from and for which industry?
answer
Automotive industry in Japan
Unlock the answer
question
Which of the following is a security vulnerability associated with MAC address filtering?
answer
Exchange between devices is unencrypted
Unlock the answer
question
How does network address translation (NAT) improve security?
answer
It discards unsolicited packets.
Unlock the answer
