Chapter 6, 7, 8, 9, 10, and 11 Unit 02 Exam

question

Each optional feature is found on most mobile devices EXCEPT _____.
answer

operating system
question

What is considered the biggest vulnerability related to portable devices?
answer

Portability
question

A centralized directory of digital certificates is called a(n) _____.
answer

Certificate Repository (CR)
question

Which of the following is a security flaw in the WPS PIN method?
answer

No lockout limit
question

Which type of device log contains the most beneficial security data?
answer

firewall log
question

Which authentication protocol is available as a free download that runs on Microsoft Windows, Apple Mac OS X, and Linux?
answer

Kerberos
question

What is the value of a checksum?
answer

Verification of integrity
question

Each of these is a technique for securing a router EXCEPT _____.
answer

making all configuration changes remotely
question

Which of the following is a value that never changes in a WEP transmission?
answer

24-bit IV
question

Which of these is NOT part of the makeup of the AAA elements in network security?
answer

determining user need (analyzing)
question

How does MAM initially manage apps by restricting parts of an app?
answer

App wrapping
question

A Unified Threat Management Security Appliance can provide all of the following EXCEPT what?
answer

Internal port mirroring
question

Where does a web-based computer store user files?
answer

on the Internet
question

What does an organization accomplish using least privilege?
answer

Limiting attack surface
question

Which of the following is a threat vector associated with mobile devices?
answer

Unused features
question

Bob has attempted to enter the passcode for his mobile device but keeps entering the wrong code. Now he is asked to enter a special phrase to continue. This means that Bob’s mobile device is configured to _____.
answer

reset to factory settings
question

On Windows systems, a security identifier is a unique variable directly linked to which of the following?
answer

Integrity level
question

When using FTP active mode, which command is sent to the server?
answer

PORT
question

A(n) _____ intercepts internal user requests and then processes those requests on behalf of the users.
answer

proxy server
question

How are TLS and SSL currently different in regards to security?
answer

TLS v1.2 is considered more secure than any version of SSL
question

Which of the following is NOT a security concern of virtualized environments?
answer

Virtual servers are less expensive than their physical counterparts.
question

Where is a NIPS generally located?
answer

In a firewall
question

What is the unauthorized access of information from a wireless device through a Bluetooth connection called?
answer

bluesnarfing
question

What technology would prohibit a client from connecting to the network due to an out-of-date antivirus?
answer

NAC
question

Public key infrastructure (PKI) _____.
answer

is the management of digital certificates
question

A preshared key (PSK) of fewer than _____ characters may be subject to an attack if that key is a common dictionary word.
answer

20
question

A multipurpose security device is known as _____.
answer

Unified Threat Management (UTM)
question

Which of these Wi-Fi Protected Setup (WPS) methods is vulnerable?
answer

PIN method
question

Where are private keys NOT stored?
answer

Within digital certificates
question

A _____ watches for attacks and sounds an alert only when one occurs.
answer

network intrusion detection system (NIDS)
question

Which technology can prevent DNS poisoning in a DNS namespace?
answer

BIND
question

If a service account is used by an automated system to create and delete files based on certain criteria, that service account is an example of which of the following?
answer

Subject
question

Which of the following could make an entire POP server inaccessible?
answer

A missing MX record
question

What is the primary purpose of an event log of a system?
answer

To provide accounting for an occurrence
question

Which version of Simple Network Management Protocol (SNMP) is considered the most secure?
answer

SNMPv3
question

WPAs MIC is a mathematical function that can potentially drop packets and can prevent which of the following from occurring?
answer

Man-in-the-middle attacks
question

What is the version of the X.500 standard that runs on a personal computer over TCP/IP?
answer

LDAP
question

A user entering her user name would correspond to the _____ action in access control.
answer

identification
question

What prevents a mobile device from being used until the user enters the correct passcode?
answer

lock screen
question

Which of these would NOT be a valid Internet Control Message Protocol (ICMP) error message?
answer

Router Delay
question

A(n) _____ can identify the application that send packets and then make decisions about filtering based on it
answer

application-aware firewall
question

Which of the following is a limitation of a layer 2 switch compared to a layer 3 switch?
answer

A layer 2 switch cannot pass traffic based on network destination
question

Which of the following does a digital certificate NOT contain?
answer

Serial number of the digital certificate
question

The -party trust model supports CA.
answer

third
question

Digital certificates can be used for each of these EXCEPT _____.
answer

to verify the authenticity of the Registration Authorizer
question

PKI consists of all of the following EXCEPT what?
answer

Practices
question

How does a bus mastering feature allow a CardBus to be more efficient when accessing data?
answer

Communicating with devices without the CPU
question

What is the primary weakness of wired equivalent privacy (WEP)?
answer

Its usage creates a detectable pattern.
question

Why is DAC considered a weaker defense than MAC?
answer

DAC relies on the end-user to secure data
question

AES-CCMP is the encryption protocol standard used in _____.
answer

WPA2
question

The strongest technology that would assure Alice that Bob is the sender of a message is a(n) _____.
answer

digital certificate
question

How does FTP transfer data?
answer

Using TCP port 20
question

On which of the following devices is IPsec likely to be implemented?
answer

Router
question

What is the current version of TACACS?
answer

TACACS+
question

What is one reason Android devices are considered to be at a higher security risk than iOS devices?
answer

Android apps can be sideloaded.
question

Which of the following is NOT an example of an NFC vulnerability?
answer

DNS poisoning
question

A Windows-based ACE includes an access mask that specifies the access rights guarded by the ACE. When is this mask used to request access rights?
answer

When an object is opened
question

Where did QR codes originally come from and for which industry?
answer

Automotive industry in Japan
question

Which of the following is a security vulnerability associated with MAC address filtering?
answer

Exchange between devices is unencrypted
question

How does network address translation (NAT) improve security?
answer

It discards unsolicited packets.

Get instant access to
all materials

Become a Member