Copyright: Attribution Non-Commercial (BY-NC)
Status: Completed
Score: 95 out of 0 points
Question 1 out of 1 points
____ algorithms use a specially generated key pair. One key encrypts cleartext into ciphertext, and the other key decrypts ciphertext into cleartext.
Selected Answer: a. Asymmetric
Question 2: 1 out of 1 points
The ____ value in a statistical model is the most realistic estimate of the money you need to spend to replace the item.
Selected Answer: a. likely cost
Question 3: 1 out of 1 points
The reasons for search warrants and subpoenas can be found in the Fourth Amendment, which grants the right to ____ and protects U.S. residents against illegal search and seizure.
Selected Answer: a. due process
Question 4: 1 out of 1 points
____ is a commonly used European symmetric algorithm that Xuejia Lai and James Massey designed in 1991.
Selected Answer: c. IDEA
Question 5: 1 out of 1 points
Access to confidential resources can be secured with a smart card or token, a piece of hardware used with a password to provide ____ authentication.
Selected Answer: b. two-factor
Question 6: 1 out of 1 points
A ____ is an undocumented or unauthorized hidden opening (such as a port) through which a computer, program, or other resource can be accessed.
Selected Answer: c. backdoor
Question 7: 1 out of 1 points
Ronald Rivest devised ____ in 1991 as a replacement for MD4, which was not secure.
Selected Answer: a. MD5
Question 8: 1 out of 1 points
A(n) ____ policy should be established in the security policy and enforced by software means whenever possible.
Selected Answer: d. password
Question 9: 0 out of 1 points
When conducting ____ testing, you're attempting to crack passwords as an attacker would so that you know exactly how your system appears to the outside world.
Selected Answer: b. logical
Question 10: 1 out of 1 points
A basic scan makes use of ____ packets to determine whether a target IP address is active.
Selected Answer: b. ICMP
Question 11: 1 out of 1 points
In a DDoS, zombie computers are also known as ____.
Selected Answer: a. bots
Question 12: 1 out of 1 points
____ are TCP packets with no flags set, which could cause a server to crash.
Selected Answer: c. Null packets
Question 13: 1 out of 1 points
In a Windows Server 2003 domain controller, the account lockout ____ setting sets the number of failed logon attempts before the account is disabled temporarily.
Selected Answer: d. threshold
Question 14: 1 out of 1 points
____ are software components that narrow the scope of users' access to information, restricting system and information access to only those areas they are permitted to use.
Selected Answer: d. Logical access controls
Question 15: 1 out of 1 points
____ use(s) hashing algorithms with asymmetric encryption to produce a method for verifying message integrity and nonrepudiation.
Selected Answer: d. Digital signatures
Question 16: 0 out of 1 points
A(n) ____ is an initial FTP connection.
Selected Answer: b. ACK connection
Question 17: 1 out of 1 points
A ____ cipher encrypts groups of text at a time.
Selected Answer: a. block
Question 18: 1 out of 1 points
A ____ is a candidate for inclusion in the CVE list and follows the same naming format as CVE.
Selected Answer: b. CAN
Question 19: 1 out of 1 points
The ____ can be used to reassemble a packet in case it's divided into fragments.
Selected Answer: a. ID number
Question 20: 1 out of 1 points
Because substitution ciphers use ____ substitution, a one-for-one character substitution, they are vulnerable to frequency analysis.
Selected Answer: a. monoalphabetic
Question 21: 1 out of 1 points
A ____ cipher encrypts cleartext one bit at a time to produce a stream of encrypted ciphertext.
Selected Answer: b. stream
Question 22: 1 out of 1 points
____ are descriptions of the worst consequences that befall an organization if a threat happens.
Selected Answer: b. Worst-case scenarios
Question 23: 1 out of 1 points
The purpose of ____ is to mitigate the potentially serious effects of a severe LAN security problem.
Selected Answer: b. incident response
Question 24: 0 out of 1 points
You can separate customer databases from Web servers by using hardware/software products, such as ____ by Microsoft.
Selected Answer: a. IIS
Question 25: 1 out of 1 points
A(n) ____ use policy covers how employees can access and use the Internet.
Selected Answer: a. Internet
Question 26: 1 out of 1 points
Project Risk Analysis performs calculations by using a statistical formula called a ____ simulation.
Selected Answer: c. Monte Carlo
Question 27: 1 out of 1 points
By providing ____ through backup systems, you ensure that databases and other stores of information remain accessible if primary systems go offline.
Selected Answer: c. redundancy
Question 28: 1 out of 1 points
____ is a security process developed by the CERT Coordination Center (www.cert.org).
Selected Answer: c. SNA
Question 29: 1 out of 1 points
____ means inserting a false address into the IP header to make the packet more difficult to trace back to its source.
Selected Answer: a. IP spoofing
Question 30: 1 out of 1 points
To carry out a(n) ____ attack, attackers must first find an open port on the target and learn its IP address, and then send a packet to the target containing the target's address.
Selected Answer: b. address spoofing
Question 31: 1 out of 1 points
One of the best-known software tools for risk analysis, ____, is available from Insight Solutions.
Selected Answer: b. CRAMM
Question 32: 1 out of 1 points
Your ____ to risk increases if you have one or more factors that increase threat probabilities.
Selected Answer: b. exposure
Question 33: 1 out of 1 points
Port scans can be performed in several ways. In a ____ scan, all ports from 0 to 65535 are probed one after another.
Selected Answer: d. vanilla
Question 34: 1 out of 1 points
____ is an International Telecommunication Union standard for PKI developed in 1988 by the Internet Engineering Task Force's (IETF's) Public-Key Infrastructure Working Group (PKIX).
Selected Answer: d. X.509
Question 35: 1 out of 1 points
A type of DoS attack called a(n) ____ occurs when multiple ICMP packets are sent to a single host on a network.
Selected Answer: a. ICMP flood
Question 36: 1 out of 1 points
To reduce the risk of social-engineering techniques being successful, organizations should institute a ____ program.
Selected Answer: b. security user awareness
Question 37: 1 out of 1 points
____ allow(s) users to access e-mail and control(s) access to the network from outside, access to shared directories on servers, and more.
Selected Answer: c. Passwords
Question 38: 6 out of 6 points
Match each item with a statement below.
involves using simple tools to determine an organization's security level. Selected Match: g. Footprinting
one of the most common mistakes novice programmers make. Selected Match: f. Buffer overflow
a form of social engineering. Selected Match: d. Dumpster diving
a freeware keystroke-logging tool. Selected Match: h. Perfect Keylogger Lite
a storage area in memory where data or instructions wait until the computer is ready to process them. Selected Match: e. Buffer
involves using memos, seminars, presentations, checklists, and other means of educating users about information security. Selected Match: b. Security awareness training
Question 39: 1 out of 1 points
A(n) ____ cipher maps each character, such as a letter of the alphabet, to a different character to obscure the message text.
Selected Answer: c. substitution
Question 40: 1 out of 1 points
Network administrators use ____ to monitor network traffic and performance, identify and locate communication problems, and look for excessive traffic and security violations.
Selected Answer: c. packet capture and analysis
Question 41: 1 out of 1 points
____ keeps potentially harmful messages from entering the network from the outside.
Selected Answer: c. Message filtering
Question 42: 1 out of 1 points
____ key exchange uses a symmetric cryptographic algorithm in the encryption process, in which the same key (also called a "shared key") is used to encrypt and decrypt a message.
Selected Answer: b. Private
Question 43: 1 out of 1 points
____ authentication gives users limited access based on the role they are assigned in the company and what resources the role is allowed to use.
Selected Answer: b. Role-based
Question 44: 1 out of 1 points
Systematic and periodic ____ of information on the network are one of the most basic and important ways to protect that information.
Selected Answer: d. backups
Question 45: 1 out of 1 points
Malicious code, or ____, is software designed to prevent a computer or business from operating.
Selected Answer: c. malware
Question 46: 1 out of 1 points
____ is an IPSec component that authenticates TCP/IP packets to ensure data integrity.
Selected Answer: a. Authentication Header (AH)
Question 47: 8 out of 8 points
Match each item with a statement below.
process of reviewing records of network computers' activities. Selected Match: f. Auditing
provides a foundation for an organization's overall security stance. Selected Match: b. Security policy
establishes what is acceptable use of company resources and usually offers specifics on what's considered unacceptable use. Selected Match: c. Acceptable use policy
describes the place to be searched and specifies what evidence officers are allowed to search for. Selected Match: e. Search warrant
represent a first line of defense for many organizations. Selected Match: i. Passwords
a private network a company sets up as an extension of its corporate intranet. Selected Match: h. Extranet
indicates how long before the savings from preventing security incidents pay back the investment. Selected Match: a. Return on investment
formally instructs employees about the organization's security strategy. Selected Match: g. Security awareness program
Question 48: 1 out of 1 points
When you create a record of an asset in Project Risk Analysis and estimate its replacement cost, you enter these values using the ____ distribution setting.
Selected Answer: b. Normal
Question 49: 1 out of 1 points
A ____ is a small piece of computer code designed to do harm, but it doesn't require a host program to work.
Selected Answer: d. worm
Question 50: 1 out of 1 points
____ scans your Windows system and pinpoints vulnerabilities, such as accounts with no password set, missing updates, or other potential security problems.
Selected Answer: a. MBSA
Question 51: 1 out of 1 points
A(n) ____ sends a series of ICMP Echo Request packets in a range of IP addresses.
Selected Answer: c. ping sweep
Question 52: 1 out of 1 points
The ____ value in a statistical model is the highest dollar amount for replacing the item.
Selected Answer: d. high cost
Question 53: 1 out of 1 points
____ create(s) a tunnel to transport information through public communications media, such as regular phone lines.
Selected Answer: c. VPNs
Question 54: 1 out of 1 points
A(n) ____ policy specifies the use of role-based authentication.
Selected Answer: d. remote access and wireless connection
Question 55: 1 out of 1 points
To carry out a ____, an attacker creates an ICMP packet larger than the allowed maximum and sends it to the target system.
Selected Answer: c. ping of death
Question 56: 1 out of 1 points
The CVE standard is a cooperative effort. The ____ maintains the database of vulnerabilities.
Selected Answer: b. Mitre Corporation
Question 57: 1 out of 1 points
A(n) ____ policy spells out how employees should make use of the organization's resources, including the Internet, e-mail, and software programs they use every day.
Selected Answer: c. acceptable use
Question 58: 1 out of 1 points
The ____ value in a statistical model is the lowest dollar amount for replacing the item.
Selected Answer: d. low cost
Question 59: 6 out of 6 points
Match each item with a statement below.
examining TCP/IP communications to determine whether they are legitimate or suspicious. Selected Match: e. Signature analysis
enables hardware and security devices to draw from the same databases of vulnerabilities, which are in the same format. Selected Match: i. CVE standard
a simple error-checking procedure for determining whether a message has been damaged or tampered with while in transit. Selected Match: b. Checksum
acknowledgements that certain packets in a sequence have been received. Selected Match: a. Selective acknowledgements
a device that scans a network for open ports or other potential vulnerabilities. Selected Match: d. Scanner
the movement of a packet from one point on the network to another. Selected Match: f. Hop
Question 60: 1 out of 1 points
IBM submitted the ____ algorithm to the National Bureau of Standards, and it was selected in 1976 as a Federal Information Processing Standard (FIPS).
Selected Answer: d. DES
Question 61: 1 out of 1 points
____ is a popular software tool for scanning networks.
Selected Answer: a. Nmap
Question 62: 1 out of 1 points
____ is a set of standard procedures the IETF developed for securing communication on the Internet.
Selected Answer: c. IPSec
Question 63: 1 out of 1 points
One method of verifying message integrity is by using ____ functions, which generate a hash value, also known as a message digest, from input.
Selected Answer: d. hashing
Question 64: 0 out of 1 points
The National Institute of Standards and Technology (NIST) approved the ____ protocol for U.S. government use on May 26, 2002.
Selected Answer: c. 3DES
Question 65: 1 out of 1 points
Geographic or physical location, habitual factors, and other factors affect the ____ that a threat will occur.
Selected Answer: c. probability
Question 66: 1 out of 1 points
____ is the maximum packet size that can be transmitted.
Selected Answer: d. MTU
Question 67: 1 out of 1 points
____ assets are word processing, spreadsheet, Web page, and other documents on your network computers.
Selected Answer: a. Electronic
Question 68: 1 out of 1 points
A(n) ____ describes how an organization increases its state of readiness when a threat or security incident occurs.
Selected Answer: c. escalation procedure
Question 69: 1 out of 1 points
The National Security Agency designed ____ as a successor to MD5.
Selected Answer: a. SHA
Question 70: 1 out of 1 points
The ____ is the actual data part of the ICMP packet, given in ASCII format.
Selected Answer: a. ASCII payload
Question 71: 1 out of 1 points
A ____ is a type of DoS attack that takes advantage of the TCP/IP three-way handshake.
Selected Answer: c. SYN flood
Question 72: 1 out of 1 points
Often disguised as a game or helpful utility, a ____ is actually malicious code designed to install a backdoor or rootkit on a computer.
Selected Answer: b. Trojan
Question 73: 1 out of 1 points
____ usually involves authorized users who have legitimate access with lower privileges gaining higher-level access to resources than they are supposed to have.
Selected Answer: d. Privilege escalation
Question 74: 0 out of 1 points
A backdoor or ____ is simply a software tool that allows an attacker to access and use the computer, again without the user's knowledge.
Selected Answer: c. root virus
Question 75: 1 out of 1 points
____ uses a shared secret key agreed on by the sender and receiver in the verification process to generate a MAC tag (a sort of enhanced message digest) for a message.
Selected Answer: d. MAC
Question 76: 1 out of 1 points
____ is software that gathers information from users' computers without their knowledge and sends it to a third party on the Internet.
Selected Answer: c. Spyware
Question 77: 1 out of 1 points
____ assets are the routers, cables, servers, and firewall hardware and software that enable employees to communicate with one another and other computers on the Internet.
Selected Answer: d. Network
Question 78: 1 out of 1 points
A(n) ____ captures information about each TCP/IP packet it detects.
Selected Answer: c. packet sniffer
Question 79: 1 out of 1 points
A ____ sends ICMP Echo packets to multiple targets in an IP address range.
Selected Answer: b. ping sweep
Question 80: 1 out of 1 points
A(n) ____ security policy should clearly define and establish responsibility for the network and for protecting information that's processed, stored, and transmitted on the network.
Selected Answer: d. network
Question 81: 1 out of 1 points
A ____ is an attempt to connect to a computer's ports to see whether any are active and listening.
Selected Answer: d. port scan
Question 82: 1 out of 1 points
A ____ security policy doesn't usually target the general employee population. Its purpose is to regulate IT staff who have privileged access to company servers.
Selected Answer: d. server
Question 83: 1 out of 1 points
An asset has an associated amount of risk. Threats and ____ increase the risk; countermeasures work to reduce risk.