What process describes using technology as a basis for controlling the access and usage of sensitive data?
technical controls

What cryptographic method, first proposed in the mid-1980s, makes use of sloping curves instead of large prime numbers?
ECC

True or False: Stream ciphers work on multiple characters at a time.
FALSE

Choose the SQL injection statement example below that could be used to find specific users:
- whatever' OR full_name = '%Mia%'
- whatever' OR full_name IS '%Mia%'
- whatever' OR full_name LIKE '%Mia%'
- whatever' OR full_name equals '%Mia%'
whatever' OR full_name LIKE '%Mia%'

Which of the following is a system of security tools that are used to recognize and identify data that is critical to the organization and ensure that it is protected?
- USB blocking
- content inspection
- storage sensors
- data loss prevention
data loss prevention

Which of the following is the process of running a user desktop inside a virtual machine that resides on a server?
- PaaS
- SDN
- VDI
- SaaS
VDI

What type of structure is used to provide instructions to infected bot computers?
command & control

What term is used to describe state-sponsored attackers that are used for launching computer attacks against their foes?
nation state actors

True or False: Malware is software that enters a computer system with the user's knowledge or consent and then performs an unwanted and harmful action.
FALSE

True or False?: Ciphertext is the scrambled and unreadable output of encryption.
TRUE

What cryptographic transport algorithm is considered to be significantly more secure than SSL?
TLS

Where are MAC addresses stored for future reference?
- MAC cache
- Ethernet cache
- ARP cache
- NIC
ARP cache

True or False: All modern operating systems include a hardware firewall, usually called a host-based firewall.
TRUE

Which technology is a means of managing and presenting computer resources by function without regard to their physical layout or location?
- IaaS
- cloud computing
- virtualization
- PaaS
virtualization

True or False: A DNS amplification attack floods an unsuspecting victim by redirecting valid responses to it.
TRUE

Select the email protocols that are not secure? (Choose all that apply.)
- TLS
- S/MIME
- POP
- IMAP
POP, IMAP

A firewall that keeps a record of the state of a connection between an internal computer and an external device is using what technology below?
- Stateful frame filtering
- Stateless frame filtering
- Stateful packet filtering
- Stateless packet filtering
Stateful packet filtering

What type of trust model has a single CA that acts as a facilitator to interconnect all other CAs?
Bridge

True or False: A vulnerability is a flaw or weakness that allows a threat to bypass security.
TRUE

What specific science discipline do most social engineering attacks rely on when they are being used?
psychology

Which hash algorithm's primary design feature is two different and independent parallel chains of computation, the results of which are then combined at the end of the process?
RIPEMD

Which type of attack below is similar to a passive man-in-the-middle attack?
- replay
- hijacking
- denial
- buffer overflow
replay

What technology enables authorized users to use an unsecured public network, such as the Internet as if it were a secure private network?
- IKE tunnel
- VPN
- endpoint
- router
VPN

At what level of the OSI model does the IP protocol function?
- Transport Layer
- Network Layer
- Data link Layer
- Presentation Layer
Network Layer

What block cipher mode of operation encrypts plaintext and computes a message authentication code to ensure that the message was created by the sender and that it was not tampered with during transmission?
Galois/Counter

Which of the following is not one of the functions of a digital signature?
Protect the key

A virus that infects an executable program file is known as?
program virus

Which of the following is a valid fundamental security principle?
Diversity, Simplicity, Layering

According to the U.S. Bureau of Labor Statistics, what percentage of growth for information security analysts is the available job outlook supposed to reach through 2024?
18%

What type of malware consists of a set of software tools used by an attacker to hide the actions or presence of other types of malicious software, such as a virus?
rootkit

In cryptography, which of the five basic protections ensures that the information is correct and no unauthorized person or malicious software has altered that data?
Integrity

What is used to create session keys?
master secret

True or False: JavaScript cannot create separate stand-alone applications.
TRUE

True or False: NAT is not a specific device, technology, or protocol. It is a technique for substituting IP addresses.
TRUE

What type of system is designed to collect and consolidate logs from multiple sources for easy analysis?
- centralized device log analyzer
- core device log analyzer
- network log device
- system log manager
centralized device log analyzer

What specific ways can a session token be transmitted? (Choose all that apply.)
In the URL, in the header of the HTTP requisition

What device operates at the Network Layer (layer 3) of the OSI model and forwards packets across computer networks?
- bridge
- router
- switch
- hub
router

A web server must be accessible to untrusted outside users. What can be done to isolate this host and any additional hosts with similar requirements from more secured hosts on a network?
- Install a VPN, configure host
- Set up a proxy in front of the web server
- Create a DMZ, add necessary hosts.
- Configure a reduction point on a firewall
Create a DMZ, add necessary hosts

Which of the following is not one of the four methods for classifying the various instances of malware by using the primary trait that the malware possesses?
source

When two individuals trust each other because of the trust that exists between the individuals and a separate entity, what type of trust has been established?
third-party

True or False: As security is increased, convenience is often increased.
FALSE

True or False?: Obfuscation is making something well known or clear.
FALSE

In information security, what can constitute a loss?
All the Above

Which of the following are considered to be the primary payload capabilities found in malware? (Choose all that apply.)
Everything but "modify data". Modify system settings is the fourth capability.

Which of the following asymmetric cryptography algorithms is most commonly used?
RSA

What process links several certificates together to establish trust between all the certificates involved?
certificate chaining

True or False: The return address is the only element that can be altered in a buffer overflow attack.
FALSE

True or False: A security advantage of VLANs is that they can be used to prevent direct communication between servers.
TRUE

True or False: A private cloud is one in which the services and infrastructure are offered to all users with access provided remotely through the Internet.
FALSE

An attack that takes advantage of the procedures for initiating a session is known as what type of attack?
- DNS amplification attack
- IP spoofing
- smurf attack
- SYN flood attack
SYN flood attack

True or False: TCP/IP uses its own four-layer architecture that includes the Network Interface, Internet, Transport, and Application layers.
TRUE

True or False: Behavior-based monitoring attempts to overcome the limitations of both anomaly-based monitoring and signature-based monitoring by being more adaptive and proactive instead of reactive.
TRUE

What term best describes any premeditated, politically motivated attack against information, computer systems, computer programs, and data which results in violence against noncombatant targets by sub national groups or clandestine agents?
- cybercriminal
cyberterrorism

True or False: Root digital certificates should never be self-signed.
FALSE

True or False?: One of the first popular symmetric cryptography algorithms was RSA.
FALSE

What specific type of phishing attack uses the telephone to target a victim?
vishing

True or False: Securing web applications is easier than protecting other systems.
FALSE

True or False: The most popular implementation of DNS is the Unix Internet Name Domain.
FALSE

What specific type of hardware card inserts into a web server that contains one or more co-processors to handle SSL/TLS
- SSL/TLS accelerator
- media gateway
- SSL decryptor
- security module
SSL/TLS accelerator
True or False: Successful attacks are usually not from software that is poorly designed and has architecture/design weaknesses.
FALSE

Why is IPsec considered to be a transparent security protocol?
IPsec is designed to not require modifications of programs, or additional training, or additional client setup.

In which type of encryption is the same key used to encrypt and decrypt data?
Symmetric

What type of ransomware displays a screen and prevents the user from accessing the computer's resources?
blocker ransomware

What type of theft involves stealing another person's personal information, such as a Social Security number, and then using the information to impersonate the victim, generally for financial gain?
identity theft

Which of the following is malicious computer code that reproduces itself on the same computer?
virus

Which standard was approved by NIST in late 2000 as a replacement for DES?
AES

The Authentication Header (AH) protocol is a part of what encryption protocol suite below?
IPsec

True or False: A SYN flood attack broadcasts a network request to multiple computers but changes the address from which the request came to the victim's computer.
FALSE

True or False: An intranet is a separate open network that anyone can access without prior authorization.
FALSE

An administrator needs to examine FTP commands that are being passed to a server. What port should the administrator be monitoring?
- 19
- 20
- 21
- 22
21

What protocol can be used by a host on a network to find the MAC address of another device based on an IP address?
- DNS
- ARP
- TCP
- UDP
ARP

Which of the following protocols is unsecured?
- HTTPS
- TLS
- SSL
- FTP
FTP

Select the technology that can be used to examine content through application-level filtering.
- Application gateway
- Security proxy
- Web security gateway
- Firewall
Web security gateway

True or False: Social engineering impersonation means to masquerade as a real or fictitious character and then play out the role of that person on a victim.
TRUE

True or False: Digital certificates should last forever.
FALSE

Select the term that best describes automated attack software?
- open-source utility
open-source intelligence

True or False?: GNU Privacy Guard is a proprietary software that runs on different operating systems.
FALSE

True or False: The Security Administrator reports directly to the CIO.
FALSE

What type of spyware silently captures and stores each keystroke that a user types on the computer's keyboard?
keylogger

Data that is in an unencrypted form is referred to as which of the following?
cleartext

True or False: A user electronically signs a Certificate Signing Request (CSR) by affixing their public key and then sending it to an intermediate certificate authority.
TRUE

True or False: Traditional network security devices can block traditional network attacks, but they cannot always block web application attacks.
TRUE

The management in your corporate office needs to group users on the network together logically even though they are attached to separate network switches. How can this be done?
- Create a subnet for each network switch in use
- Create additional subnets for the separate groups
- Add all users to a single network segment
- Create a VLAN and add the users' computers / ports to the correct VLAN
Create a VLAN and add the users' computers / ports to the correct VLAN

True or False: S/MIME can be used when mail is accessed through a web browser.
FALSE

True or False: The malicious content of an XSS URL is confined to material posted on a website
FALSE

Select the security tool that is an inventory of applications and associated components that have been pre-approved and authorized to be active and present on the device?
- malware management
- inventory permissions
- application whitelist
- application control
application whitelist

Which of the following is a software-based application that runs on a local host computer that can detect an attack as it occurs?
- local-based intrusion detection system
- host-based intrusion detection system
- host-based application protection
- local-based application protection
host-based intrusion detection system

Under which laws are health care enterprises required to guard protected health information and implement policies and procedures whether it be in paper or electronic format?
HIPAA

At what stage can a certificate no longer be used for any type of authentication?
expiration

True or False?: A collision attack is an attempt to find two input strings of a hash function that produce the same hash result.
TRUE

What type of computer code is typically added to a legitimate program but lies dormant until a specific logical event triggers it?
logic bomb

Which type of attack broadcasts a network request to multiple computers but changes the address from which the request came to the victim's computer?
- IP spoofing
- denial of service
- DNS Poisoning
- smurf attack
Smurf Attack

What are the planes used to allow SDN to virtualize parts of the physical network so that it can be more quickly and easily reconfigured? (Choose all that apply.)
- data plane
- management plane
- control plane
- data plane
data plane, data plane

What term is used to describe the software agents that are used by NAC and installed on devices to gather information?
- NAC check agents
- server health agents
- host agent health checks
- network health agents
host agent health checks

In information security, which of the following is an example of a threat actor?
all the above

True or False: A Subject Alternative Name (SAN) digital certificate, is also known as a Unified Communications Certificate (UCC).
TRUE

True or False? Encryption is the practice of transforming information so that it is secure and cannot be accessed by unauthorized parties.
FALSE

Select the term used to describe tracking software that is deployed without the consent or control of the user.
spyware

Which term is used to describe individuals who want to attack computers yet lack the knowledge of computers and networks needed to do so?
- cybercriminal
script kiddies

What type of malicious software technology is used to download and install software without the user's interaction?
automatic download software

What term best describes when cryptography is applied to entire disks instead of individual files or groups of files?
full disk encryption

What kind of digital certificate is typically used to ensure the authenticity of a web server to a client?
web server

What type of privileges to access hardware and software resources are granted to users or devices?
- access privileges
- user rights
- access rights
- permissions
access rights

What technology will examine the current state of a network device before allowing it to connect to the network and force any device that does not meet a specified set of criteria to connect only to a quarantine network?
- network access control
- virtual LANs
- network address translation
- host health checks
network access control

True or False: Type I hypervisors run on the host operating system.
FALSE

What secure protocol is recommended for time synchronization?
- SRTP
- S/MIME
- NTP
- POP
NTP

When VPN network traffic is routing only some traffic over the secure VPN while other traffic directly accesses the Internet, what technology is being used?
- priority tunnel
- split tunneling
- full tunnel
- shared tunneling
split tunneling

True or False: A buffer overflow attack occurs when a process attempts to store data in RAM beyond the boundaries of a fixed-length storage buffer.
TRUE

What term best represents the resiliency of a cryptographic key to attacks?
key strength

Which of the following are considered to be common asymmetric cryptographic algorithms? (Choose all that apply.)
Elliptic Curve Cryptography, Digital Signature Algorithm

True or False: Smart phones give the owner of the device the ability to download security updates.
FALSE

Malware that locks or prevents a device from functioning properly until a fee has been paid is known as:
ransomware

Which law requires banks and financial institutions to alert customers of their policies and practices in disclosing customer information?
- Gramm-Leach-Bliley
Gramm-Leach-Bliley

True or False: Once the malware reaches a system through circulation, then it must embed itself into that system.
TRUE

What type of cryptographic algorithm creates a unique digital fingerprint of a set of data?
hash

Which of the following is an input value that must be unique within some specified scope, such as for a given period or an entire session?
nonce

What type of an attack is being executed if an attacker substituted an invalid MAC address for the network gateway so no users can access external networks?
- ARP poisoning
- man-in-the-middle
- denial of service
- DNS poisoning
ARP Poisoning

What type of network access control uses Active Directory to scan a device to verify that it is in compliance?
- agentless NAC
- dissolvable NAC
- dependent NAC
- permanent NAC
agentless NAC

What secure protocol is recommended for voice and video?
- SRTP
- S/MIME
- IMAP
- IPsec
SRTP

What type of web server application attacks introduce new input to exploit a vulnerability?
- language attacks
- cross-site request attacks
- hijacking attacks
- injection attacks
injection attacks

Which Cloud computing service model uses the cloud computing vendor to provide access to the vendor's software applications running on a cloud infrastructure?
- Application as a Service
- Infrastructure as a Service
- Software as a Service
- System as a Service
Software as a Service

What type of network is a private network that can also be accessed by authorized external customers, vendors, and partners?
- extranet
- intranet
- enterprise network
- guest network
extranet

True or False: The CompTIA Security+ certification is a vendor-neutral credential.
TRUE

True or False: SSL v3.0 served as the basis for TLS v1.0.
TRUE

Which of the following is more secure than software encryption?
hardware encryption

One of the armored virus infection techniques utilizes encryption to make virus code more difficult to detect, in addition to separating virus code into different pieces and injecting these pieces throughout the infected program code. What is the name for this technique?
swiss cheese

What type of attack is being performed when multiple computers overwhelm a system with fake requests?
- DDoS
- DoS
- SYN flood
- replay attacks
DDOS

True or False: A correlation engine aggregates and correlates content from different sources to uncover an attack.
TRUE

What type of network is a private network that belongs to an organization that can only be accessed by approved internal users?
- extranet
- intranet
- enterprise network
- guest network
intranet

True or False: Brokers steal new product research or a list of current customers to gain a competitive advantage.
FALSE

What type of trust model is used as the basis for most digital certificates used on the Internet?
distributed trust

Which type of cryptographic algorithm takes an input string of any length, and returns a string of any requested variable length?
sponge

What type of malware is heavily dependent on a user in order to spread?
virus

True or False: To mitigate risk is the attempt to address risk by making the risk less serious.
TRUE

How many different Microsoft Windows file types can be infected with a virus?
50

What technology uses a chip on the motherboard of the computer to provide cryptographic services?
TPM

True or False: Some CAs issue only entry-level certificates that provide domain-only validation.
TRUE

What attack occurs when a domain pointer that links a domain name to a specific web server is changed by a threat actor?
- pointer hack
- DNS spoofing
- clickjacking
- domain hijacking
domain hijacking

If a network is completely isolated by an air gap from all other outside networks it is using what type of configuration?
- physical network segregation
- complete network segregation
- network isolation
- logical network segregation
physical network segregation

True or False: A DDoS mitigator is a software device that identifies and blocks real-time distributed denial of service (DDoS) attacks.
False, it is a hardware device

Which SQL injection statement example below could be used to discover the name of the table?
- whatever%20 AND 1=(SELECT COUNT(*) FROM tabname); --
- whatever' AND 1=(SELECT COUNT(*) FROM tabname); --
- whatever; AND 1=(SELECT COUNT(*) FROM tabname); --
- whatever%; AND 1=(SELECT COUNT(*) FROM tabname); --
whatever' AND 1=(SELECT COUNT(*) FROM tabname); --

What type of computing environment allows servers, storage, and the supporting networking infrastructure to be shared by multiple enterprises over a remote network connection that had been contracted for a specific period?
- virtual services
- hosted services
- cloud services
- volume computing
hosted services

Which of the following is a server that routes incoming requests coming from an external network to the correct internal server?
- forward proxy
- application proxy
- system proxy
- reverse proxy
reverse proxy

What level of security access should a computer user have to do their job?
least amount

Select the secure alternative to the telnet protocol:
SSH

The SHA-1 hashing algorithm creates a digest that is how many bits in length?
160 bits

What social engineering principle convinces a victim an immediate action is needed?
urgency

What type of ransomware was developed to block the user from accessing the computer and encrypts all the files on the user's device?
crypto-malware

The simplest type of stream cipher, one in which one letter or character is exchanged for another, is known as what?
Substitution

True or False: A digital certificate is a technology used to associate a user's identity to a private key.
FALSE

How can an attacker substitute a DNS address so that a computer is automatically redirected to another device?
- DNS poisoning
- Phishing
- DNS marking
- DNS overloading
DNS poisoning

What type of monitoring compares network traffic, activities, transactions, or behavior against a database of known attack patterns?
- application-based
- protocol-based
- behavioral-based
- signature-based
signature-based

When setting up a server virtualization environment, what component below manages the virtual machine operating systems and supports one or more guest systems?
- kernel
- supervisor
- hypercard
- hypervisor
hypervisor

What information security position reports to the CISO and supervises technicians, administrators, and security staff?
- security manager
security manager

True or False: In an integer overflow attack, an attacker changes the value of a variable to something outside the range that the programmer had intended by using an integer overflow.
TRUE

How can a network of physical devices be grouped into logical units, regardless of what network switches they may be connected to?
- VLAN
- subnets
- IP address
- MAC address
VLAN

What vendor neutral protocol implements support for VLAN tagging?
- ISL
- VTP
- 802.1Q
- VSTP
802.1Q

True or False: A polymorphic virus changes its internal code to one of a set number of predefined mutations whenever it is executed.
FALSE

What process will remove all private and public keys along with the user's identification information in the CA?
destruction

What widely used commercial asymmetric cryptography software can be used for encrypting files and email messages?
PGP

Select the information protection item that ensures that information is correct and that no unauthorized person or malicious software has altered that data.
integrity

What language below is used to view and manipulate data that is stored in a relational database?
- C
- DQL
- SQL
- ISL
SQL

What secure protocol is recommended for Network address translation?
- SRTP
- S/MIME
- IMAP
- IPsec
IPsec

What data unit is associated with the Open Systems Interconnection layer four?
- segment
- packet
- frame
- bit
segment

In what kind of attack can attackers make use of millions of computers under their control in an attack against a single server or network?
distributed

Which of the following certificates are self-signed?
root digital certificates

What type of message authentication code uses hashing to authenticate the sender by using both a hash function and a secret cryptographic key?
HMAC

True or False: A remote access Trojan has the basic functionality of a Trojan but also gives the threat actor unauthorized remote access to the victim's computer by using specially configured communication protocols
TRUE

What term is used to describe a group that is strongly motivated by ideology, but is usually not considered to be well-defined and well-organized?
hacktivists

What type of malicious software technology is used to monitor user behavior or gather information about the user, sometimes including personally identifiable or other sensitive information?
tracking software

What type of cryptography uses two keys instead of just one, generating both a private and a public key?
asymmetric

What protocol below supports two encryption modes: transport and tunnel?
IPSec

What type of attack intercepts communication between parties to steal or manipulate the data?
- replay
- MAC spoofing
- man-in-the-browser
- ARP poisoning
man-in-the-browser

What dedicated hardware device aggregates hundreds or thousands of VPN connections?
- VPN server
- VPN gateway
- VPN switch
- VPN concentrator
VPN concentrator

In what type of cloud computing does the customer have some control over the operating systems, storage, and their installed applications?
- Application as a Service
- Infrastructure as a Service
- Software as a Service
- System as a Service
Infrastructure as a Service

On an SDN network, what specific unit gives traffic the permission to flow through the network?
- SDN router
- SDN firewall
- SDN gateway
- SDN controller
SDN controller

What is the name of an instruction that interrupts a program being executed and requests a service from the operating system?
- system call
- unit call
- hardware instruction
- system exception
system call

What two locations can be a target for DNS poisoning? (Choose all that apply.)
- local host table
- external DNS server
- local database table
- directory server
local host table, external DNS server

True or False: A certificate repository (CR) is a publicly accessible centralized directory of digital certificates.
TRUE

A series of instructions that can be grouped together as a single command and are often used to automate a complex set of tasks or a repeated series of tasks are known as:
macro

What term refers to an action that provides an immediate solution to a problem by cutting through the complexity that surrounds it?
silver bullet

What is a block cipher algorithm that operates on 64-bit blocks and can have a key length from 32 to 448 bits?
blowfish

Which of the following ensures that data is accessible to authorized users?
- availability
availability

Which type of phishing attack targets specific users?
spear phishing

True or False?: Asymmetric cryptographic algorithms are also known as private key cryptography.
False: It's known as "Public Key" cryptography

A framework for all of the entities involved in digital certificates for digital certificate management is known as:
public key infrastructure

If an attacker purchases and uses a URL that is similar in spelling and looks like a well-known web site in order for the attacker to gain Web traffic to generate income, what type of attack are they using?
- spoofing
- URL hijacking
- Web squatting
- typo hijacking
URL hijacking

True or False: One use of data loss prevention (DLP) is blocking the copying of files to a USB flash drive.
TRUE

DNS poisoning can be prevented using the latest edition of what software below?
- BIND
- DHCP
- WINS
- finger
BIND

What criteria must be met for an XSS attack to occur on a specific website?
- The website must accept user input while validating it and use that input in a response.
- The website must accept user input without validating it and use that input in a response.
- The website must not accept user input without validating it and use that input in a response.
- The website must accept user input while validating it and omit that input in a response.
The website must accept user input without validating it and use that input in a response.

An administrator has two servers that host the same web content, but only one server is utilized at a given time. What can be configured that can help to evenly distribute work across the network, and make use of both servers in a manner that is transparent to the end users?
- stateful packet filtering
- Load balancing
- failover servers
- proxy servers
Load balancing

What hardware component can be inserted into a web server that contains one or more co-processors to handle SSL/TLS processing?
- SSL/TLS tap
- SSL/TLS accelerator
- SSL/TLS access point
- SSL/TLS mirror
SSL/TLS accelerator

Which of the following is a valid way to check the status of a certificate? (Choose all that apply.)
Online Certificate Status Protocol

What social engineering principle frightens and coerces a victim by using threats?
intimidation

Which position below is considered an entry-level position for a person who has the necessary technical skills?
security technician

True or False: In information technology, non-repudiation is the process of proving that a user performed an action.
TRUE

Which of the following are considered to be interception attacks? (Choose all that apply.)
- denial of service
- amplification attack
- man-in-the-middle
- replay attacks
man-in-the-middle, replay attacks

What data unit is associated with the Open Systems Interconnection layer two?
- segment
- packet
- frame
- bit
frame

What specific issues are associated with log management? (Choose all that apply.)
- The multiple devices generating logs.
- The different log formats.
- The fast network transfer speeds.
- The large volume of data that needs to be logged
The multiple devices generating logs. The different log formats. The large volume of data that needs to be logged

What is a value that can be used to ensure that plaintext, when hashed, will not consistently result in the same digest?
salt

What is the U.S. federal government standard for digital signatures?
Digital Signature Algorithm (DSA)

True or False: Vishing is a false warning, often contained in an email message claiming to come from the IT department.
FALSE

True or False: The Sarbanes-Oxley Act restricts electronic and paper data containing personally identifiable financial information.
FALSE

Those who wrongfully disclose individually identifiable health information can be fined up to what amount per calendar year?
$1,500,000

What type of system security malware allows for access to a computer, program, or service without authorization?
backdoor

Which of the following is a public key system that generates random public keys that are different for each session?
perfect forward secrecy

What length SSL and TLS keys are generally considered to be strong?
4096

The exchange of information among DNS servers regarding configured zones is known as:
- resource request
- zone sharing
- zone transfer
- zone removal
zone transfer

Which of the following is defined as a security analysis of the transaction within its approved context?
- USB blocking
- content inspection
- storage sensors
- data loss prevention
content inspection

When using SNMPv1 or SNMPv2, what piece of information is needed to view information from an agent?
- entity
- community string
- MIB
- OID
community string

What type of switch is used to combine multiple network connections into a single link?
- core switch
- gateway switch
- aggregation switch
- access switch
aggregation switch

True or False: The OSI model breaks networking steps down into a series of six layers.
FALSE

An attack in which the attacker attempts to impersonate the user by using his or her session token is known as:
- Session replay
- Session spoofing
- Session hijacking
- Session blocking
Session hijacking

What type of cipher takes one character and replaces it with one character, working one character at a time?
stream cipher

What common method is used to ensure the security and integrity of a root CA?
Keep it in an offline state from the network.

What term below is used to describe the process of gathering information for an attack by relying on the weaknesses of individuals?
social engineering

What term describes a layered security approach that provides comprehensive protection?
defense-in-depth

What type of software can be installed in an individual's web browser to prevent ads from displaying?
ad blocking

If Bob receives an encrypted reply message from Alice, whose private key is used to decrypt the received message?
Bob's Private Key

What protocol, developed by Netscape in 1994, is designed to create an encrypted data path between a client and server that could be used on any platform or operating system?
SSL

What type of additional attack does ARP spoofing rely on?
- DNS Poisoning
- replay
- MITB
- MAC spoofing
MAC spoofing

What is the name of a computer or application program that intercepts user requests from the internal secure network and then processes that request on behalf of the user?
- forward proxy server
- DNS server
- VPN server
- telnet server
forward proxy server

True or False: File integrity check (FIC) is a service that can monitor any changes made to computer files, such as operating system files.
TRUE

True or False: One of the challenges in combating cyberterrorism is that many of the prime targets are not owned and managed by the federal government.
TRUE

When an attack is designed to prevent authorized users from accessing a system, it is called what kind of attack?
- MITM
- spoofing
- denial of service
- blocking
denial of service

Which of the following protocols is used to manage network equipment and is supported by most network equipment manufacturers?
- TCP/IP
- FTP
- SNMP
- SRTP
SNMP

True or False: An agent may be a permanent NAC agent and reside on end devices until uninstalled, but it cannot be a dissolvable NAC agent.
FALSE

Select below the type of malware that appears to have a legitimate use, but contains something malicious:
Trojan

The process by which keys are managed by a third party, such as a trusted CA, is known as?
key escrow

True or False: Wireless data networks are particularly susceptible to known ciphertext attacks.
TRUE

Which of the following is a common security framework? (Choose all that apply.)
- ISO

Which SQL statement represents a SQL injection attempt to determine the names of different fields in a database?
- whatever AND email IS NULL; -- - whatever; AND email IS NULL; -- - whatever"" AND email IS NULL; -- - whatever' AND email IS NULL; -- " - whatever' AND email IS NULL; -- "If a network administrator needs to configure a switch to copy traffic that occurs on some or all ports to a designated monitoring port on the switch, what switch technology will need to be supported? - interface capture - port identity - port snooping - port mirroring " port mirroring "An early networking device that functioned at layer 1 of the OSI model and added devices to a single segment is known as which of the following choices? - switch - router - firewall - hub " hub True or False: A rootkit can hide its presence, but not the presence of other malware. FALSE "What allows an application to implement an encryption algorithm for execution? crypto service providers "When Bob needs to send Alice a message with a digital signature, whose private key is used to encrypt the hash? Bob's Private Key What type of diversity is being implemented if a company is using multiple security products
from different manufacturers? vendor diversity Which of the following are considered threat actors? (Choose all that apply.) -brokers "What type
of attack is targeted against a smaller group of specific individuals, such as the major executives working for a manufacturing company? watering hole "What term describes data actions being performed by endpoint devices, such as printing a report from a desktop computer? data-in-use "What block cipher mode of operation uses the most basic approach where the plaintext is divided into blocks, and each block is then encrypted separately? Electronic Code Book "When TCP/IP was developed, the host table concept was expanded into a hierarchical name system for matching computer names and numbers using this service: - HTTP - NSDB - URNS - DNS " DNS True or False: Workgroup switches must work faster than core switches. FALSE True or False: SNMP-managed devices must have an agent or a service that listens for commands and then executes them. TRUE "What are the two types of cross-site attacks? (Choose all that apply.) - cross-site input attacks - cross-site scripting attacks - cross-site request forgery attacks - cross-site flood attacks" cross-site scripting attacks, cross-site request forgery attacks "What hardware device can be inserted into a network to allow an administrator to monitor traffic? - network tap - network mirror - shark box - shark tap " network tap True or False: Anomaly monitoring is designed for detecting statistical anomalies. TRUE
"What alternative term can be used to describe asymmetric cryptographic algorithms? public key cryptography "A document that describes in detail how a CA uses and manages certificates, as well as how end users register for a digital certificate, is known as? Certificate practice statement (CPS) What class of attacks use innovative attack tools and once a system is infected it silently extracts data over an extended period? Advanced Persistent Threat True or False: A virus self-replicates on the host computer and spreads to other computers by itself. FALSE Which of the following describes various supporting structures for implementing security that provides a resource of how to create a secure IT environment? (Choose all that apply.) - regulatory frameworks -reference architectures True or False: Phishing is sending an email or displaying a web announcement that falsely claims to be from a legitimate enterprise in an attempt to trick the user into surrendering private information. TRUE "If
using the MD5 hashing algorithm, what is the length to which each message is padded? 512 bits True or False: Some cryptographic algorithms require that in addition to a key another value can or must be input. TRUE "On a compromised computer, you have found that a user without administrative privileges was able to perform a task limited to only administrative accounts. What type of exploit has occurred? - Privilege escalation - DNS cache poisoning - ARP poisoning - Man-in-the-middle " Privilege escalation "What type of dedicated cryptographic processor that provides protection for cryptographic keys? - SSL/TLS accelerator - media gateway - SSL decryptor - hardware security module " hardware security module "Which layer of the OSI model contains the TCP protocol, which is used for establishing connections and reliable data transport between devices? - Application Layer - Presentation Layer - Network Layer - Transport Layer " Transport Layer "When an attacker promotes themselves as reputable third-party advertisers to distribute their malware through the Web ads, what type attack is being performed? - ad squatting - clickjacking - malvertising - ad spoofing " malvertising True or False: Trivial File Transfer Protocol (TFTP) uses a more memory when compared to FTP. FALSE "What kind of networking device forwards packets across different computer networks by reading destination addresses? - switch - router - bridge - firewall " router "Select the term that is used to describe a trusted third-party agency that is responsible for issuing digital certificates: Certification Authority "What type of undocumented yet benign hidden feature launches after a special set of commands, key combinations, or mouse clicks? Easter Egg To date, the single most expensive malicious attack occurred in 2000, which cost an estimated $8.7 billion. What was the name of this attack? 
-Nimda Love Bug "After the DES cipher was broken and no longer considered secure, what encryption algorithm was made as its successor? 3DES True or False: XSS is like a phishing attack but without needing to trick the user into visiting a malicious website. TRUE "Select the TCP/IP protocol that resolves a symbolic name to its corresponding IP address using a database consisting of an organized hierarchy tree. - WINS - NIS - TACACS+ - DNS " DNS "Which network address below is not a private IP address network? - 10.4.5.0 - 172.63.255.0 - 192.168.255.0 - 172.17.16.0 " 172.63.255.0 "Which of the following certificates verifies the identity of the entity that has control over the domain name? domain validation digital certificate True or False: The XOR cipher is based on the binary operation eXclusive OR that compares two bits. TRUE "What kind of software program delivers advertising content in a manner that is unexpected and unwanted by the user, and is typically included in malware? adware Which of the three protections ensures that only authorized parties can view information? - security confidentiality Which term below is frequently used to describe the tasks of securing information that is in a digital format? - network security information security True or False: Two types of malware have the primary trait of circulation. These are viruses and worms. TRUE "Which key exchange requires Alice and Bob to each agree upon a large prime number and related integer?
Diffie-Hellman "Which of the following is an enhanced type of domain digital certificate? Extended Validation "What technology expands the normal capabilities of a web browser for a specific webpage? - extensions - add-ons - plug-ins - Java applets " extensions "When a private network uses a single public IP address, and each outgoing TCP packet uses a different port to allow for proper translation, what networking technology is in use? - PAT - PNAT - NAPT - NAT "
PAT "What protocol suite below is the most commonly used protocol for local area network (LAN) communication? - UDP - IPX/SPX - TCP/IP - Appletalk " TCP/IP Which technology prevent a person in the network from sending sensitive information outside the Organisation?1. Use a firewall. Windows and macOS have built-in firewalls – software designed to create a barrier between your information and the outside world. Firewalls prevent unauthorized access to your business network and alert you to any intrusion attempts.
Which term is frequently used to describe the task of securing information that is in a digital format?Cybersecurity is the practice of protecting critical systems and sensitive information from digital attacks.
Which of the following are examples of technical control?Firewalls, intrusion detection systems (IDS), encryption, and identification and authentication mechanisms are examples of technical controls.
What term describes a layered security approach that provides comprehensive protection?What term describes a layered security approach that provides the comprehensive protection? defense-in-depth.