Final Study Questions

Flashcard maker : Sam Arent
What information security position reports to the CISO and supervises technicians, administrators, and security staff?
manager
According to the U.S. Bureau of Labor Statistics, what percentage of growth is the available job outlook supposed to reach by the end of the decade?
22
Which position below is considered an entry-level position for a person who has the necessary technical skills?
security technician
What country is now the number one source of attack traffic?
Indonesia
What kind of server connects a remote system through the Internet to local serial ports using TCP/IP?
Serial server
In what kind of attack can attackers make use of hundreds of thousands of computers under their control in an attack against a single server or network?
distributed
Which term below is frequently used to describe the tasks of securing information that is in a digital format?
information security
Which of the three protections ensures that only authorized parties can view information?
Confidentiality
Select below the information protection item that ensures that information is correct and that no unauthorized person or malicious software has altered that data.
Integrity
The security protection item that ensures that the individual is who they claim to be (the authentic or genuine person) and not an imposter is known as?
Authentication
In information security, what constitutes a loss?
theft of information

a delay in transmitting information that results in a financial penalty

the loss of good will or a reputation

In information security, an example of a threat agent can be ____.
a force of nature such as a tornado that could destroy computer equipment

a virus that attacks a computer network

A person attempting to break into a secure computer network

What type of theft involves stealing another person’s personal information, such as a Social Security number, and then using the information to impersonate the victim, generally for financial gain?
Identity theft
Under which law are health care enterprises required to guard protected health information and implement policies and procedures whether it be in paper or electronic format?
HIPAA
Those who wrongfully disclose individually identifiable health information can be fined up to what amount per calendar year?
$1,500,000
The ____ Act requires banks and financial institutions to alert customers of their policies and practices in disclosing customer information.
Gramm-Leach-Bliley
To date, the single most expensive malicious attack occurred in 2000, which cost an estimated $8.7 billion. What was the name of this attack?
Love Bug
What term is used to describe a loose network of attackers, identity thieves, and financial fraudsters?
Cybercriminals
Select below the term that is used to describe individuals who want to attack computers yet lack the knowledge of computers and networks needed to do so:
Script kiddies
Script kiddies acquire which item below from other attackers to easily craft an attack:
Exploit kit
What term below is used to describe a means of gathering information for an attack by relying on the weaknesses of individuals?
Social engineering
The two types of malware that require user intervention to spread are:
Viruses and trojans
Which of the following is malicious computer code that reproduces itself on the same computer?
virus
One of the armored virus infection techniques utilizes encryption to make virus code more difficult to detect, in addition to separating virus code into different pieces and inject these pieces throughout the infected program code. What is the name for this technique?
Swiss cheese
What type of malware is heavily dependent on a user in order to spread?
virus
A virus that infects an executable program file is known as?
program virus
How many different Microsoft Windows file types can be infected with a virus?
70
A series of instructions that can be grouped together as a single command and are often used to automate a complex set of tasks or a repeated series of tasks are known as:
A macro
Select below the type of malware that appears to have a legitimate use, but actually contains or does something malicious:
Trojan
What type of malware consists of a set of software tools used by an attacker to hide the actions or presence of other types of malicious software, such as Trojans, viruses, or worms?
rootkit
Computer code that is typically added to a legitimate program but lies dormant until it is triggered by a specific logical event is known as a?
logic bomb
What type of undocumented yet benign hidden feature launches after a special set of commands, key combinations, or mouse clicks, and was no longer included in Microsoft software after the start of their Trustworthy Computing initiative?
Easter egg
What kind of software program delivers advertising content in a manner that is unexpected and unwanted by the user, and is typically included in malware?
Adware
What is the term used to describe unsolicited messages received on instant messaging software?
​Spim
Of the three types of mutating malware, what type changes its internal code to one of a set number of predefined mutations whenever it is executed?​
Oligomorphic malware
Which of the following is not one of the four methods for classifying the various types of malware?​
​Source
What type of attack is targeted against a smaller group of specific individuals, such as the major executives working for a manufacturing company?​
Watering Hole
The physical procedure whereby an unauthorized person gains access to a location by following an authorized user is known as?
Tailgating
What type of system security malware allows for access to a computer, program, or service without authorization?
Backdoor
Malware that locks or prevents a device from functioning properly until a fee has been paid is known as:​
​Ransomware
What language below is used to view and manipulate data that is stored in a relational database?
SQL
Which SQL statement represents a SQL injection attempt to determine the names of different fields in a database?
whatever’ AND email IS NULL; —
Which SQL injection statement example below could be used to discover the name of the table?
whatever’ AND 1=(SELECT COUNT(*) FROM tabname); —
Choose the SQL injection statement example below that could be used to find specific users:
whatever’ OR full_name LIKE ‘%Mia%’
Which SQL injection statement can be used to erase an entire database table?
whatever’; DROP TABLE members; —
HTML uses which option below within embedded brackets () causing a web browser to display text in a specific format?
tags
What language below is designed to display data, with a primary focus on how the data looks?
HTML
What language below is for the transport and storage of data, with the focus on what the data is?
XML
To what specific directory are users generally restricted to on a web server?
root
The default root directory of the Microsoft Internet Information Services (IIS) Web server is located at which directory below?
C:Inetpub wwwroot
Select below the string of characters that can be used to traverse up one directory level from the root directory:
../
Attacks that take place against web based services are considered to be what type of attack?
server-side
A user has become compromised as a result of visiting a specific web page, without clicking on any kind of content. What type of attack has occurred?
drive-by-download
What portion of the HTTP packet consists of fields that contain information about the characteristics of the data being transmitted?
HTTP header
An attack in which the attacker attempts to impersonate the user by using his or her session token is known as:
Session hijacking
Which type of attack below is similar to a passive man-in-the-middle attack?
replay
When TCP/IP was developed, the host table concept was expanded into a hierarchical name system for matching computer names and numbers using this service:
DNS
How can an attacker substitute a DNS address so that a computer is automatically redirected to another device?
DNS poisoning
The exchange of information among DNS servers regarding configured zones is known as:
zone transfer
On a compromised computer, you have found that a user without administrative privileges was able to perform a task limited to only administrative accounts. What type of exploit has occurred?​
​Privilege escalation
Cipher locks are sometimes combined with what type of sensor, which uses infrared beams that are aimed across a doorway?
Tailgate sensors
Instead of using a key or entering a code to open a door, a user can use an object, such as an ID badge, to identify themselves in order to gain access to a secure area. What term describes this type of object?
physical token
Proximity readers utilize a special type of tag that can be affixed to the inside of an ID badge. What is the name for this type of tag?
Radio Frequency Identification tag (RFID)
What is the maximum effective range of a typical passive RFID tag?
19
How can an area be made secure from a non-secured area via two interlocking doors to a small room?
Using a mantrap
What type of video surveillance is typically used by banks, casinos, airports, and military installations, and commonly employs guards who actively monitor the surveillance?
CCTV
Most portable devices, and some computer monitors, have a special steel bracket security slot built into the case, which can be used in conjunction with a:
cable lock
A spiked collar that extends horizontally for up to 3 feet from the pole is an example of what kind of technology?
Anti-climb
An independently rotating large cup affixed to the top of a fence prevents the hands of intruders from gripping the top of a fence to climb over it. What is the name for this technology?
roller barrier
What is the name for a standard or checklist against which systems can be evaluated and audited for their level of security (security posture)?
baseline
Which of the following is not one of the types of settings that would be included in a Microsoft Windows security template?
Resolution settings
What is the name for a cumulative package of all patches and hotfixes as well as additional features up to a given point?
service pack
Instead of trying to make a match, modern AV techniques are beginning to use a type of detection that attempts to identify the characteristics of a virus. What is the name for this technique?
heuristic detection
What type of device, sometimes called a packet filter, is designed to prevent malicious network packets from entering or leaving computers or networks?
firewall
Select the tool below that consists of a system of security tools that is used to recognize and identify data that is critical to an organization and ensure that it is protected:
Data Loss Prevention
Most DLP systems make use of what method of security analysis below?
Content inspection
Anti-virus products typically utilize what type of virus scanning analysis?​
Static analysis
​What type of filtering utilizes a an analysis of the content of spam messages in comparison to neutral / non-spam messages in order to make intelligent decisions as to what should be considered spam?
Bayesian filtering
A system such as a printer, smart TV, or HVAC controller, typically uses an operating system on what is called a:
Embedded system
What is the best way to prevent data input by a user from having potentially malicious effects on software?​
Escaping user responses
On what principle did Julius Caesar’s cyptographic messages function?
Each alphabetic letter was shifted three places down in the alphabet
Data that is in an unencrypted form is referred to as which of the following?
Cleartext
In cryptography, which of the five basic protections ensures that the information is correct and no unauthorized person or malicious software has altered that data?
Integrity
What type of cryptographic algorithm is considered to be a one-way algorithm, in that its contents can’t be used to reveal the original set of data?
hash
Select below the hashing algorithm that takes plaintext of any length and generates a digest 128 bits in length:
MD2
If using the MD5 hashing algorithm, what is the length to which each message is padded?
512 bits
What is the name of the cryptographic hash function that has international recognition and has been adopted by standards organizations such as the ISO, that creates a digest of 512 bits and will not be subject to patents?
Whirlpool
A key that is generated by a symmetric cryptographic algorithm is said to be a:
private key
The simplest type of stream cipher, one in which one letter or character is exchanged for another, is known as what?
substitution
Which type of cryptographic algorithm takes an input string of any length, and returns a string of any requested variable length?
Sponge
After the DES cipher was broken and no longer considered secure, what encryption algorithm was made as its successor?
3DES
Select below the standard that is based on the Rijndael algorithm, and was approved by NIST in late 2000 as a replacement for DES:
AES
What is the block cipher algorithm that operates on 64-bit blocks and can have a key length from 32 to 448 bits known as?
Blowfish
What type of cryptography uses two keys instead of just one, generating both a private and a public key?
Asymmetric
Which of the following is not one of the functions of a digital signature?
Protect the public key
The asymmetric cryptography algorithm most commonly used is:
RSA
What cryptographic method, first proposed in the mid-1980s, makes use of sloping curves instead of large prime numbers?
ECC
Cryptography that attempts to use the microscopic behaviors of objects to develop and share keys while also detecting eavesdropping is known as what type of cryptography?
Quantum cryptography
The NTRUEncrypt cryptographic algorithm makes use of which of the following cryptographic techniques?
lattice-based
What is the name of the open source asymmetric cryptography system that runs on Windows, UNIX, and Linux systems, and is compatible with PGP?
GPG
The SHA-1 hashing algorithm creates a digest that is how many bits in length?
160 bits
What type of cryptographic algorithm can be used to ensure the integrity of a file’s contents?
Hashing
Using what mechanism below can the non-repudiation of an e-mail and it’s content be enforced?
Asymmetric encryption
Select below the term that is used to describe a trusted third-party agency that is responsible for issuing digital certificates:
Certification Authority
What is the name for an organization that receives, authenticates, and processes certificate revocation requests?
Registration Authority
What kind of certificate is typically used by an individual to secure e-mail transmissions?
Personal digital
Select below the type of certificate that is often issued from a server to a client, with the purpose of ensuring the authenticity of the server:
Server digital
A sensitive connection between a client and a web server uses what class of certificate?
Class 2
A framework for all of the entities involved in digital certificates for digital certificate management is known as:
Public key infrastructure
When two individuals trust each other because of the trust that exists between the individuals and a separate entity, what type of trust has been established?
third-party
Because of the limitations of a hierarchical trust model, what type of trust model is used for CAs on the Internet?
distributed trust
What type of trust model has a single CA that acts as a facilitator to interconnect all other CAs?
bridge trust
A document that describes in detail how a CA uses and manages certificates, as well as how end users register for a digital certificate, is known as?
Certificate practice statement (CPS)
At what stage can a certificate no longer be used for any type of authentication?
expiration
The process by which keys are managed by a third party, such as a trusted CA, is known as?
Key escrow
What protocol, developed by Netscape in 1994, is designed to create an encrypted data path between a client and server that could be used on any platform or operating system?
SSL
What cryptographic transport algorithm is considered to be significantly more secure than SSL?
TLS
What protocol below supports two encryption modes: transport and tunnel?
IPSec
The Authentication Header (AH) protocol is a part of what encryption protocol suite below?​
IPSec
Why is IPsec considered to be a transparent security protocol?
​IPsec is designed to not require modifications of programs, or additional training, or additional client setup
​Select below the secure alternative to the telnet protocol:
​SSH
​SSL and TLS keys of what length are generally considered to be strong?
4096
What layer of the OSI model is responsible for permitting two parties on a network to hold ongoing communications across the network?
Session
Select below the layer of the OSI model at which the route a packet is to take is determined, and the addressing of the packet is performed.
Network
An early networking device that functioned at layer 1 of the OSI model and added devices to a single segment is known as which of the following choices?
hub
What kind of networking device forwards packets across different computer networks by reading destination addresses?
router
An administrator has two servers that host the same web content, but only one server is utilized at a given time. What can be configured to make use of both servers in a manner that is transparent to the end users?
Load balancing
A firewall that keeps a record of the state of a connection between an internal computer and an external device is using what technology below?
Stateful packet filtering
What is the name for a computer or application program that intercepts user requests from the internal secure network and then processes that request on behalf of the user?
proxy server
A server that routes incoming requests to a specific destination server, and acts as the final destination IP for all client access, is known as a:
reverse proxy
What technology enables authorized users to use an unsecured public network, such as the Internet, as if were a secure private network?
VPN
Select below the technology that can be used to examine content through application-level filtering:
Web security gateway
What type of monitoring compares network traffic, activities, transactions, or behavior against a database of known attack patterns?
Signature
What is the name for an instruction that interrupts a program being executed and requests a service from the operating system?
system call
When a private network uses a single public IP address, and each outgoing TCP packet uses a different port to allow for proper translation, what networking technology is in use?
NAT
A web server must be accessible to untrusted outside users. What can be done to isolate this host and any additional hosts with similar requirements from more secured hosts on a network?
Create a DMZ, add necessary hosts.
The standard TCP/IP protocol uses IP addresses which are how many bytes in length?
4
What vendor neutral protocol implements support for VLAN tagging?
802.1Q
The management in your corporate office want to group users on the network together logically even though they are attached to separate network switches. How can this be done?
Create a VLAN and add the users’ computers / ports to the VLAN.
Which of the following is not a component of an IP packet that a firewall rule can use for filtering purposes?
Intent
A load balancer that works with the File Transfer Protocol is operating at what layer of the OSI model?
Layer 4
What protocol suite below is the most commonly used protocol for local area network (LAN) communication?
TCP/IP
At what level of the OSI model does the IP protocol function?
Network Layer
Which layer of the OSI model contains TCP protocol, which is used for establishing connections and reliable data transport between devices?
Transport Layer
The capability for devices to exchange low-level control messages is provided by what protocol below?
ICMP
When using SNMPv1 or SNMPv2, what piece of information is needed to view information from an agent?
community string
Select below the TCP/IP protocol that resolves a symbolic name to its corresponding IP address using a database consisting of an organized hierarchy tree.
DNS
DNS poisoning can be prevented using the latest edition of what software below?
BIND
An administrator needs to examine FTP commands being passed to a server. What port should the administrator be monitoring?
21
What device operates at the Network Layer (layer 3) of the OSI model and forwards packets across computer networks?
router
The deployment of this technology below can be used as a defense against DoS and DDoS SYN flood attacks:
flood guard
Broadcast storms can be prevented by using loop prevention technology. Which item below can be used to help prevent loops?
802.1d
How can a network of physical devices be grouped into logical units, regardless of what network switches they may be connected to?
VLAN
Port-based authentication, in which users are authenticated on a per-switch port basis, is a function of what standard below?
IEEE 802.1x
Which of the three Cloud computing service models allows a customer to access software provided by a vendor using a web browser, without any installation, configuration, upgrading, or management from the user?
Cloud Software as a Service
When setting up a server virtualization environment, what component below manages the virtual machine operating systems and supports one or more guest systems?
hypervisor
In what type of cloud computing does the customer have the highest level of control?
Cloud Infrastructure as a Service
What MAC limiting configuration setting allows for MAC addresses to be automatically learned and stored along with any addresses that were learned prior to using the configuration setting?
​Sticky
Which of the following is not a benefit that can be provided by using IP telephony?​
Decreased network utilization
What is the term used for a device that requests permission from an authenticator to join a network?​
​Supplicant
What transport protocol is used by Windows operating systems to allow applications on separate computers to communicate over a LAN?
NetBIOS
Bluetooth is an example of what type of technology below?
Personal Area Network
What is the maximum range of most Bluetooth devices?
33 ft
The IEEE 802.15.1-2005 standard is based on what version of the Bluetooth specifications?
Bluetooth v1.2
Slave devices that are connected to a piconet and are sending transmissions are known as what?
Active slave
Piconets in which connections exist between different piconets are known as a:
scatternet
What term below is used to describe an attack that sends unsolicited messages to Bluetooth enabled devices?
Bluejacking
A Bluetooth attack in which the attacker accesses unauthorized information from a wireless device using a Bluetooth connection, is known as?
Bluesnarfing
What device acts like a wireless base station in a network, acting as a bridge between wireless and wired networks?
Access Point
An access point that is unauthorized and allows an attacker to bypass network security configurations is considered to be what type of access point?
rogue
What type of access point is configured by an attacker in such a manner that it mimics an authorized access point?
evil twin
What is the maximum number of characters that can exist within an SSID name?
32
The Temporal Key Integrity Protocol (TKIP) encryption technology increases IVs to what length?
48 bits
Which encryption protocol below is used in the WPA2 standard?
AES-CCMP
Which of the following choices is not one of the four types of packets used by EAP?
Error
Which option below is responsible for the issuing of EAP request packets?
authenticator
Select the EAP protocol supported by WPA2 Enterprise that securely tunnels any credential form for authentication using TLS:
EAP-FAST
What proprietary EAP method developed by Cisco requires mutual authentication for WLAN encryption using Cisco client software?
LEAP
Which EAP protocol creates an encrypted channel between the client authentication server and the client, and uses Microsoft Windows logins and passwords?
PEAP
How can an administrator force wireless clients to use a standard web browser to provide information, and require a user to agree to a use policy or present valid login credentials?
Captive portal access point
When using AES-CCMP, the AES-256 bit key requires how many rounds?​
13
Select below the option that represents a wearable technology:
Google Glass
What PC Card type is typically used for memory?
Type I
​Select below the option that is not one of the SD format card families:
​Extreme Capacity (SDXC)
What SD card family can be used to transmit pictures over a wireless network to a laptop hard drive or wireless printer?​
Secure Digital Input Output (SDIO)
An ultrabook is an example of what type of a portable computer?
Subnotebook
Mobile devices with global positioning system (GPS) abilities typically make use of:​
​Location services
What can be enabled to prevent a mobile device from being used until a user enters the correct passcode, such as a pin or password?
Enable a lock screen
What type of management system below can help facilitate asset tracking?
​Mobile Device Management (MDM)
How can an administrator manage applications on mobile devices using a technique called “app wrapping?”
Mobile Application Management
Mobile Device Management systems that allow users to store usernames and passwords within a device are said to be using:
Credential management
What PIN is considered to be the most commonly used PIN?
1234
​Which of the following selections is not one of the features provided by a typical MDM?
Track stolen devices
What term is used to describe the operation of stockrooms where mobile devices are stored prior to their dispersal to employees?
​Inventory control
A QR code can’t contain which of the following items directly?
​A video
​What mobile operating system below requires all applications to be reviewed and approved before they can be made available on the public store front?
iOS
​Select below the item that is not considered to be a basic characteristic of mobile devices:
Removable media storage
A laptop may have multiple hardware ports. Which of the following is not a typical port included on a laptop?
RS232
​Select below the type of computing device that uses a limited version of the Linux operating system and uses a web browser with an integrated media player:
​Web-based
​What term below describes a hand-held mobile device that was intended to replace paper systems, and typically included an appointment calendar, an address book, a “to-do” list, a calculator, and the ability to record limited notes?
​Personal digital assistant (PDA)
The PC Card and CardBus devices are being replaced by what technology?
​ExpressCard
A user or a process functioning on behalf of the user that attempts to access an object is known as the:
subject
The action that is taken by a subject over an object is called a(n):
operation
What is the name for a predefined framework that can be used for controlling access, and is embedded into software and hardware?
access control model
What access control model below is considered to be the most restrictive access control model, and involves assigning access controls to users strictly according to the custodian?
Mandatory Access Control
In a UAC prompt, what color is used to indicate the lowest level of risk?
gray
Which access control model is considered to be the least restrictive?
Discretionary Access Control
Select below the access control model that uses access based on a user’s job function within an organization:
Role Based Access Control
Which access control model can dynamically assign roles to subjects based on a set of defined rules?
Rule Based Access Control
When using Role Based Access Control (RBAC), permissions are assigned to:
Roles
A vulnerable process that is divided between two or more individuals to prevent fraudulent application of the process is known as:
Separation of duties
A list that specifies which subjects are allowed to access an object and what operations they can perform on it is referred to as a(n):
ACL
User accounts that remain active after an employee has left an organization are referred to as being what type of accounts?
Orphaned
To assist with controlling orphaned and dormant accounts, what can be used to indicate when an account is no longer active?
Account expiration
Although designed to support remote dial-in access to a corporate network, what service below is commonly used with 802.1x port security for both wired and wireless LANs?
RADIUS
During RADIUS authentication, what type of packet includes information such as identification of a specific AP that is sending the packet and the username and password?
authentication request
Select below the authentication system developed by the Massachusetts Institute of Technology (MIT) to verify the identity of network users:
Kerberos
What authentication service commonly used on UNIX devices involves communicating user authentication information to a centralized server?
TACACS
Entries within a Directory Information Base are arranged in a tree structure called the:
DIT
The X.500 standard defines a protocol for a client application to access an X.500 directory known as which of the following options?
DAP
What kind of attack allows for the construction of LDAP statements based on user input statements, which can then be used to access the LDAP database or modify the database’s information?
LDAP injection
A secret combination of letters, numbers, and/or characters that only the user should have knowledge of, is known as a:
password
What is the center of the weakness of passwords?
human memory
Passwords that are transmitted can be captured by what type of software?
protocol analyzer
What type of attack involves an attacker stealing a file containing password digests and comparing the digests with digests created by the attacker?
offline cracking
What type of attack involves using every possible combination of letters, numbers, and characters to create candidate digests that are then matched against those in a stolen digest file?
Brute force
What variation of a dictionary attack involves a dictionary attack combined with a brute force attack, and will slightly alter dictionary words by adding numbers to the end of the password, spelling words backward, slightly misspelling words, or including special characters?
hybrid
The use of what item below involves the creation of a large pregenerated data set of candidate digests?
Rainbow tables
What kind of biometrics utilizes a person’s unique physical characteristics for authentication, such as fingerprints or unique characteristics of a person’s face?
Standard biometrics
Which term below describes the time it takes for a key to be pressed and then released?
Dwell time
Which type of biometrics is based on the perception, thought process, and understanding of the user?
Cognitive biometrics
The use of a single authentication credential that is shared across multiple networks is called:
Identity management
The use of one authentication credential to access multiple accounts or applications is referred to as?
Single Sign On
What technology allows users to share resources stored on one site with a second site without forwarding their authentication credentials to the other site?
OAuth
​Select below the decentralized open-source FIM that does not require specific software to be installed on the desktop:
OpenID
What federated identity management (FIM) relies on token credentials?
OAuth
​A U.S. Department of Defense (DoD) smart card that is used for identification of active-duty and reserve military personnel along with civilian employees and special contractors is called:
Common Access Card (CAC)
What can be used to increase the strength of hashed passwords?​
Salt
​A list of the available nonkeyboard characters can be seen in Windows by opening what utility?
charmap.exe
Which hashing algorithm below is used with NTLMv2’s Hashed Message Authentication Code?
MD5
The process of identifying exposure to threats, creating preventive and recovery procedures, and then testing them to determine if they are sufficient, is known as:
Business continuity planning and testing
When a company needs to identify mission-critical business functions and quantify the impact a loss of such functions may have on the organization in terms of it’s operational and financial position, what should be performed?
Business impact analysis (BIA)
What type of plans include procedures to address redundancy and fault tolerance as well as data backups?
Disaster recovery
Which term below describes a component or entity in a system which, if it no longer functions, will disable an entire system?
single point of failure
A service contract between a vendor and a client that specifies what services will be provided, the responsibilities of each party, and any guarantees of service, is known as:
service level agreement
Select below the type of cluster that is used to provide high-availability applications that require a high level of read and write actions, such as databases, messaging systems, and file and print services:
asymmetric server
In what type of server cluster can services fail over from downed servers to functional servers?
symmetric server
How can an administrator keep devices powered when power is interrupted?
uninterruptible power supply
A location that has all the equipment installed but does not have active Internet or telecommunications facilities, and does not have current backups of data, is an example of a:
warm site
A metallic enclosure that prevents the entry or escape of an electromagnetic field is known as a:
Faraday cage
Using technology to search for computer evidence of a crime in order to retrieve information, even if it has been altered or erased, that can be used in pursuit of an attacker or criminal is an example of:
Computer forensics
According to the Federal Bureau of Investigation (FBI), what percentage of crime committed today leaves behind digital evidence that can be retrieved via computer forensics?
85
What kind of data can be lost when a computer is turned off?
Volatile
A snapshot of the current state of a computer that contains all current settings and data is known as what option below:
system image
What is the name for an image that consists of an evidence-grade backup because its accuracy meets evidence standards?
chain of custody
Multiple sectors on a disk, when combined, are referred to as a:
cluster
The remaining cluster space of a partially filled sector is padded with contents from RAM. What is the name for this type of scenario?
RAM slack
What kind of slack is created from information stored on a hard drive, which can contain remnants of previously deleted files or data?
Drive file slack
​What RAID type below utilizes parity data across all drives instead of using a separate drive to hold parity error checking information?
RAID 5
What concept below is at the very heart of information security?
risk
Due to the potential impact of changes that can affect all users in a organization, and considering that security vulnerabilities can arise from uncoordinated changes, what should an organization create to oversee changes?
change management team
What may be defined as the components required to identify, analyze, and contain an incident?
Incident response
What is the name for a framework and corresponding functions required to enable incident response and incident handling within an organization?
Incident management
A written document that states how an organization plans to protect the company’s information technology assets is a:
security policy
A collection of suggestions that should be implemented are referred to as a:
guideline
Generally considered to be the most important information security policies, what item below defines the actions a user may perform while accessing systems and networking equipment?
Acceptable use policies
What kind of policy outlines how organizations use personal information it collects?
privacy
Policies that include statements regarding how an employee’s information technology resources will be addressed are part of a:
security-related human resource policy
What are values that are attributed to a system of beliefs that help the individual distinguish right from wrong called?
Morals
What can be defined as the study of what a group of people understand to be good and right behavior and how people make those judgments?
Ethics
Which type of network below uses a direct connection between users, and involves each device simultaneously acting as a client and a server?
P2P
Websites that group individuals and organizations into clusters or groups based on some sort of affiliation are considered to be what type of websites?
social networking
Which term below describes the art of helping an adult learn?
andragogical
What kind of learners learn from taking notes, being at the front of the class, and watching presentations?
Visual
What type of learner tends to sit in the middle of the class and learns best through lectures and discussions?
Auditory
What type of learner learns best through hands-on approaches?
Kinesthetic
​What is the most common type of P2P network?
​Bittorrent
Which item below is an imaginary line by which an element is measured or compared, and can be seen as the standard?
baseline
The comparison of the present state of a system to its baseline is known as what?
Baseline reporting
In order to minimize vulnerabilities in software, code should be subject to and analyzed while it is being written in what option below?
code review
What is the name for the code that can be executed by unauthorized users within a software product?
attack surface
During a vulnerability assessment, what type of software can be used to search a system for port vulnerabilities?
port scanner
A port in what state below implies that an application or service assigned to that port is listening for any instructions?
open port
An administrator running a port scan wants to ensure that no processes are listening on port 23. What state should the port be in?
closed port
An administrator needs to view packets and decode and analyze their contents. What type of application should the administrator use?
protocol analyzer
Which is the term for a computer typically located in an area with limited security and loaded with software and data files that appear to be authentic, yet they are actually imitations of real data files.
honeypot
What is the term for a network set up with intentional vulnerabilities?
honeynet
What is another term used for a security weakness?
vulnerability
Which scan examines the current security, in a passive method?
vulnerability scan
What is the end result of a penetration test?
penetration test report
Which tester has an in-depth knowledge of the network and systems being tested, including network diagrams, IP addresses, and even the source code of custom applications?
white box
​A service contract between a vendor and a client that specifies what services will be provided, the responsibilities of each party, and any guarantees of service, is known as a:
Service Level Agreement (SLA)
​What term below describes a prearranged purchase or sale agreement between a government agency and a business?
Blanket Purchase Agreement (BPA)
What security goal do the following common controls address: hashing, digital signatures, certificates, nonrepudiation tools?​
Integrity

Get instant access to
all materials

Become a Member