Final SEC110 Chapter 9-15 – Flashcards
Unlock all answers in this set
Unlock answersquestion
Which type of biometrics is based on the perception, thought process, and understanding of the user?
answer
Cognitive biometrics
question
The use of one authentication credential to access multiple accounts or applications is referred to as?
answer
Single Sign On
question
What type of attack involves an attacker stealing a file containing password digests and comparing the digests with digests created by the attacker?
answer
Offline Cracking
question
Using a rainbow table to crack a password requires three steps: Creation of the table, comparing the table to known hash values, and decrypting the password.
answer
False
question
What kind of biometrics utilizes a person's unique physical characteristics for authentication, such as fingerprints or unique characteristics of a person's face?
answer
Standard biometrics
question
The use of what item below involves the creation of a large pregenerated data set of candidate digests?
answer
Rainbow Tables
question
What type of attack involves using every possible combination of letters, numbers, and characters to create candidate digests that are then matched against those in a stolen digest file?
answer
Brute force
question
OpenID is an example of a web-based federated identity management (FIM) system.
answer
True
question
What variation of a dictionary attack involves a dictionary attack combined with a brute force attack, and will slightly alter dictionary words by adding numbers to the end of the password, spelling words backward, slightly misspelling words, or including special characters?
answer
Hybrid
question
Passwords that are transmitted can be captured by what type of software?
answer
protocol analyzer
question
What federated identity management (FIM) relies on token credentials?
answer
OAuth
question
A secret combination of letters, numbers, and/or characters that only the user should have knowledge of, is known as a:
answer
Password
question
What technology allows users to share resources stored on one site with a second site without forwarding their authentication credentials to the other site?
answer
OAuth
question
Which term below describes the time it takes for a key to be pressed and then released?
answer
Dwell time
question
A list of the available nonkeyboard characters can be seen in Windows by opening what utility?
answer
charmap.exe
question
Passwords provide strong protection.
answer
False
question
Geolocation is the identification of the location of a person or object using technology, and can be used as part of an authentication method.
answer
True
question
What type of one-time password (OTP) changes after a set time period?
answer
Time-based one-time password (TOTP)
question
The use of a single authentication credential that is shared across multiple networks is called:
answer
Identity Management
question
A U.S. Department of Defense (DoD) smart card that is used for identification of active-duty and reserve military personnel along with civilian employees and special contractors is called:
answer
Common Access Card (CAC)
question
RAM slack can contain any information that has been created, viewed, modified, downloaded, or copied since the computer was last booted.
answer
True
question
RAID level 0 is known as disk mirroring, because it involves connecting multiple drives in the server to the same disk controller card.
answer
False
question
A service contract between a vendor and a client that specifies what services will be provided, the responsibilities of each party, and any guarantees of service, is known as:
answer
Service level agreement
question
A subset of business continuity planning and testing is disaster recovery, also known as IT recovery planning.
answer
False
question
Using technology to search for computer evidence of a crime in order to retrieve information, even if it has been altered or erased, that can be used in pursuit of an attacker or criminal is an example of:
answer
Computer forensics
question
How can an administrator keep devices powered when power is interrupted?
answer
uninterruptible power supply
question
What type of plans include procedures to address redundancy and fault tolerance as well as data backups?
answer
Disaster recovery
question
In what type of cluster does every server perform useful work so that if one fails, the remaining servers take on the additional load?
answer
Symmetric server
question
Select below the type of cluster that is used to provide high-availability applications that require a high level of read and write actions, such as databases, messaging systems, and file and print services:
answer
asymmetric server
question
Most metadata about a file is generated and recorded automatically without the user's knowledge.
answer
True
question
When a company needs to identify mission-critical business functions and quantify the impact a loss of such functions may have on the organization in terms of its operational and financial position, what should be performed?
answer
Business impact analysis (BIA)
question
A location that has all the equipment installed but does not have active Internet or telecommunications facilities, and does not have current backups of data, is an example of a:
answer
Warm site
question
The remaining cluster space of a partially filled sector is padded with contents from RAM. What is the name for this type of scenario?
answer
RAM slack
question
What term is used to describe a documentation of control over evidence, which is used to ensure that no unauthorized person was given the opportunity to corrupt the evidence?
answer
Chain of custody
question
What kind of data can be lost when a computer is turned off?
answer
Volatile
question
What kind of slack is created from information stored on a hard drive, which can contain remnants of previously deleted files or data?
answer
Drive file slack
question
What RAID type below utilizes parity data across all drives instead of using a separate drive to hold parity error checking information?
answer
RAID 5
question
Which term below describes a component or entity in a system which, if it no longer functions, will disable an entire system?
answer
Single point of failure
question
Multiple sectors on a disk, when combined, are referred to as a:
answer
cluster
question
Duplicate image backups are considered a primary key to uncovering evidence because they create exact replicas of the crime scene.
answer
False
question
Which type of network below uses a direct connection between users, and involves each device simultaneously acting as a client and a server?
answer
P2P
question
Most organizations follow a three-phase cycle in the development and maintenance of a security policy.
answer
True
question
A written document that states how an organization plans to protect the company's information technology assets is a:
answer
security policy
question
Policies that include statements regarding how an employee's information technology resources will be addressed are part of a:
answer
security-related human resource policy
question
What is the most common type of P2P network?
answer
Bittorrent
question
A due process policy is a policy that defines the actions users may perform while accessing systems and networking equipment.
answer
False
question
Generally considered to be the most important information security policies, what item below defines the actions a user may perform while accessing systems and networking equipment?
answer
Accessible use policies
question
Websites that group individuals and organizations into clusters or groups based on some sort of affiliation are considered to be what type of websites?
answer
social networking
question
What is the name for a framework and corresponding functions required to enable incident response and incident handling within an organization?
answer
incident management
question
Which of the following is NOT included in a vulnerability assessment?
answer
system performance review
question
Which term below describes the art of helping an adult learn?
answer
andragogical
question
What are values that are attributed to a system of beliefs that help the individual distinguish right from wrong called?
answer
morals
question
The first phase of the security policy cycle involves a vulnerability assessment.
answer
true
question
Audits serve to verify that the security protections enacted by an organization are being followed and that corrective actions can be swiftly implemented before an attacker exploits a vulnerability.
answer
True
question
What kind of policy outlines how organizations use personal information it collects?
answer
privacy
question
What may be defined as the components required to identify, analyze, and contain an incident?
answer
incident response
question
A document that outlines specific requirements or rules that must be met
answer
Policy
question
A collection of suggestions that should be implemented are referred to as a:
answer
guideline
question
What type of learner tends to sit in the middle of the class and learns best through lectures and discussions?
answer
auditory
question
What can be defined as the study of what a group of people understand to be good and right behavior and how people make those judgments?
answer
ethics
question
What is another term used for a security weakness?
answer
vulnerability
question
Which is the term for a computer typically located in an area with limited security and loaded with software and data files that appear to be authentic, yet they are actually imitations of real data files.
answer
honeypot
question
A service contract between a vendor and a client that specifies what services will be provided, the responsibilities of each party, and any guarantees of service, is known as a:
answer
service level agreement
question
Which item below is an imaginary line by which an element is measured or compared, and can be seen as the standard?
answer
baseline
question
If TCP port 20 is open, then an attacker can assume that FTP is being used.
answer
true
question
What security goal do the following common controls address: hashing, digital signatures, certificates, nonrepudiation tools?
answer
integrity
question
During a vulnerability assessment, what type of software can be used to search a system for port vulnerabilities?
answer
port scanner
question
What term below describes a prearranged purchase or sale agreement between a government agency and a business?
answer
Blanket Purchase Agreement
question
The comparison of the present state of a system to its baseline is known as what?
answer
baseline reporting
question
What is the term for a network set up with intentional vulnerabilities?
answer
honeynet
question
An administrator needs to view packets and decode and analyze their contents. What type of application should the administrator use?
answer
protocol analyzer
question
What is the end result of a penetration test?
answer
penetration test report
question
A healthy security posture results from a sound and workable strategy toward managing risks.
answer
True
question
A port in what state below implies that an application or service assigned to that port is listening for any instructions?
answer
open port
question
What term below describes the start-up relationship between partners?
answer
on-boarding
question
Which scan examines the current security, in a passive method?
answer
vulnerability scan
question
A port scanner can be used to search a system for port vulnerabilities. The RADMIN port scanner is an example of this type of software.
answer
True
question
Vulnerability scans are usually performed from outside the security perimeter.
answer
False
question
The goal of what type of threat evaluation is to better understand who the attackers are, why they attack, and what types of attacks might occur?
answer
threat modeling
question
What is the name for the code that can be executed by unauthorized users within a software product?
answer
attack surface
question
A Bluetooth attack in which the attacker accesses unauthorized information from a wireless device using a Bluetooth connection, is known as?
answer
bluesnarfing
question
What device acts like a wireless base station in a network, acting as a bridge between wireless and wired networks?
answer
Access point
question
Because of the weaknesses of WEP, it is possible for an attacker to identify two packets derived from the same IV.
answer
true
question
When using AES-CCMP, the AES-256 bit key requires how many rounds?
answer
13
question
Which encryption protocol below is used in the WPA2 standard?
answer
AES-CCMP
question
Piconets in which connections exist between different piconets are known as a:
answer
Scatternet
question
What is the maximum number of characters that can exist within an SSID name?
answer
32
question
An evil twin AP is an AP that is set up by an attacker to mimic an authorized AP, with the intent to redirect client devices.
answer
False
question
What is the maximum range of most Bluetooth devices?
answer
33 ft
question
APs use antennas that radiate a signal in all directions.
answer
True
question
Select the EAP protocol supported by WPA2 Enterprise that securely tunnels any credential form for authentication using TLS:
answer
EAP-FAST
question
Which option below is responsible for the issuing of EAP request packets?
answer
authenticator
question
Because PEAP can be vulnerable to specific types of attacks, Cisco now recommends that users migrate to a more secure EAP than PEAP.
answer
False
question
The IEEE 802.15.1-2005 standard is based on what version of the Bluetooth specifications?
answer
Bluetooth v1.2
question
An access point that is unauthorized and allows an attacker to bypass network security configurations is considered to be what type of access point?
answer
rogue
question
Slave devices that are connected to a piconet and are sending transmissions are known as what?
answer
active slave
question
What proprietary EAP method developed by Cisco requires mutual authentication for WLAN encryption using Cisco client software?
answer
LEAP
question
How can an administrator force wireless clients to use a standard web browser to provide information, and require a user to agree to a use policy or present valid login credentials?
answer
Captive portal access point
question
Which of the following choices is not one of the four types of packets used by EAP?
answer
Error
question
Bluetooth is an example of what type of technology below?
answer
Personal Area Network
question
Mobile Device Management systems that allow users to store usernames and passwords within a device are said to be using:
answer
Credential management
question
What can be enabled to prevent a mobile device from being used until a user enters the correct passcode, such as a pin or password?
answer
Enable a lock screen
question
A laptop may have multiple hardware ports. Which of the following is not a typical port included on a laptop?
answer
RS232
question
Select below the option that is not one of the SD format card families:
answer
Extreme capacity
question
What term below describes a hand-held mobile device that was intended to replace paper systems, and typically included an appointment calendar, an address book, a "to-do" list, a calculator, and the ability to record limited notes?
answer
personal digital assistant
question
Mobile devices with global positioning system (GPS) abilities typically make use of:
answer
location services
question
What SD card family can be used to transmit pictures over a wireless network to a laptop hard drive or wireless printer?
answer
secure digital input output
question
Select below the option that represents a wearable technology:
answer
Google Glass
question
What PC Card type is typically used for memory?
answer
Type I
question
Select below the item that is not considered to be a basic characteristic of mobile devices:
answer
removable media storage
question
How can an administrator manage applications on mobile devices using a technique called "app wrapping?"
answer
Mobile Application Management
question
The CardBus is a 64-bit bus in the PC card form factor.
answer
False
question
The PC Card and CardBus devices are being replaced by what technology?
answer
ExpressCard
question
Select below the type of computing device that uses a limited version of the Linux operating system and uses a web browser with an integrated media player:
answer
Web-based
question
Simply using a mobile device in a public area can be considered a risk.
answer
True
question
Mobile devices such as laptops are stolen on average once every 20 seconds.
answer
False
question
Which of the following selections is not one of the features provided by a typical MDM?
answer
Track stolen devices
question
A QR code can store website URLs, plain text, phone numbers, e-mail addresses, or virtually any alphanumeric data up to 4296 characters.
answer
True
question
A QR code can't contain which of the following items directly?
answer
A video
question
The Google Android mobile operating system is a proprietary system, for use on only approved devices.
answer
False
question
In a UAC prompt, what color is used to indicate the lowest level of risk?
answer
gray
question
What is the name for a predefined framework that can be used for controlling access, and is embedded into software and hardware?
answer
Access control model
question
The strength of RADIUS is that messages are always directly sent between the wireless device and the RADIUS server.
answer
False
question
Group policy is a Unix feature that allows for the centralized management and configuration of computers and remote users using Unix Active Directory.
answer
False
question
When using Role Based Access Control (RBAC), permissions are assigned to:
answer
Roles
question
A user or a process functioning on behalf of the user that attempts to access an object is known as the:
answer
subject
question
What authentication service commonly used on UNIX devices involves communicating user authentication information to a centralized server?
answer
TACACS
question
User accounts that remain active after an employee has left an organization are referred to as being what type of accounts?
answer
Orphaned
question
The X.500 standard defines a protocol for a client application to access an X.500 directory known as which of the following options?
answer
DAP
question
Although designed to support remote dial-in access to a corporate network, what service below is commonly used with 802.1x port security for both wired and wireless LANs?
answer
RADIUS
question
To assist with controlling orphaned and dormant accounts, what can be used to indicate when an account is no longer active?
answer
Account expiration
question
A list that specifies which subjects are allowed to access an object and what operations they can perform on it is referred to as a(n):
answer
ACL
question
Which access control model is considered to be the least restrictive?
answer
Discretionary Access Control
question
The action that is taken by a subject over an object is called a(n):
answer
operation
question
Entries within a Directory Information Base are arranged in a tree structure called the:
answer
DIT
question
Select below the authentication system developed by the Massachusetts Institute of Technology (MIT) to verify the identity of network users:
answer
Kerberos
question
What kind of attack allows for the construction of LDAP statements based on user input statements, which can then be used to access the LDAP database or modify the database's information?
answer
LDAP Injection
question
A shield icon warns users if they attempt to access any feature that requires UAC permission.
answer
True
question
A vulnerable process that is divided between two or more individuals to prevent fraudulent application of the process is known as:
answer
separation of duties
question
Select below the access control model that uses access based on a user's job function within an organization:
answer
Role Based Access Control