Prepare for your Network Security final exam with these practice questions and answers. This guide covers firewalls, VPNs, intrusion detection, and security protocols.
Q: What is NOT a characteristic of an Advanced Persistent Threat (APT)?
Answer: Is only used by hacktivists against foreign enemies
Q: What term was used to describe attackers who would break into a computer system without the owner’s permission and publicly disclose the vulnerability?
Answer: Black Hat Hackers
Q: What is NOT a reason why it is difficult to defend against today’s attackers?
Answer: Greater sophistication of defense tools
Q: Why can brokers command such a high price for what they sell?
Answer: The vulnerability was previously unknown and is unlikely to be patched quickly
Q: What phrase describes the term “security” in a general sense?
Answer: The necessary steps to protect a person or property from harm
Q: ___________ ensures that only authorized parties can view the information.
Answer: Confidentiality
Q: What is NOT a successive layer in which information security is achieved?
Answer: Purposes
Q: What is a person or element that has the power to carry out a threat?
Answer: Threat Agent
Q: _________ ensures that individuals are who they claim to be.
Answer: Authentication
Q: What is the difference between a hacktivist and a cyberterrorist?
Answer: The aim of a hacktivist is not to incite panic like cyberterrorists
Q: What is NOT a goal of information security?
Answer: Limit access control
Q: What act requires enterprises to guard protected health information and implement policies and procedures to safeguard it?
Answer: Health Insurance Portability and Accountability Act (HIPAA)
Q: Why do cyberterrorists target power plants, air traffic control centers, and water systems?
Answer: They can cause significant disruption by destroying only a few targets
Q: What is the first step in the Cyber Kill Chain?
Answer: Reconnaissance
Q: An organization that purchased security products from different vendors is demonstrating what security principle?
Answer: Diversity
Q: What cannot be classified as an “insider”?
Answer: Stockholders
Q: What are attackers called who belong to a network of identity thieves and financial fraudsters?
Answer: Cybercriminals
Q: What is an objective of state-sponsored attackers?
Answer: To spy on citizens
Q: An example of _______ is not revealing the type of computer, operating system, software, and network connection a computer uses.
Answer: Obscurity
Q: The _________ is primarily responsible for assessing, managing, and implementing security.
Answer: Chief Information Security Officer (CISO)
Q: At what point in a vulnerability assessment would an attack tree be utilized?
Answer: Threat Evaluation
Q: In the software development process, when should a design review be conducted?
Answer: As the functional and design specifications are being developed based on the requirements
Q: A(n) _____ attempts to penetrate a system in order to perform a simulated attack.
Answer: Intrusive Vulnerability Scan
Q: A ________ is a systematic and methodical evaluation of the exposure of assets to attackers, forces of nature, and any other entity that could cause potential harm.
Answer: Vulnerability Assessment
Q: What CANNOT be classified as an asset?
Answer: Accounts Payable
Q: What is NOT a function of a vulnerability scanner?
Answer: Alerts users when a new patch cannot be found
Q: Each of these is a step in risk management EXCEPT _____.
Answer: Attack Assessment
Q: Which statement regarding vulnerability appraisal is NOT true?
Answer: Vulnerability appraisal is always the easiest and quickest step.
Q: _________ constructs scenarios of the types of threats that assets can face in order to learn who the attackers are, why they attack, and what types of attacks may occur.
Answer: Threat modeling
Q: What is a current snapshot of the security of an organization?
Answer: Vulnerability appraisal
Q: _______ is a comparison of the present security state of a system to a standard established by the organization.
Answer: Baseline reporting
Q: Which of these is NOT a state of a port that can be returned by a port scanner?
Answer: Busy
Q: A(n) _____ is an agreement between two parties that is not legally enforceable.
Answer: Memorandum of Understanding (MOU)
Q: File Transfer Protocol (FTP) uses which two ports?
Answer: 20 and 21
Q: Which statement about the Open Vulnerability and Assessment Language (OVAL) is true?
Answer: It attempts to standardize vulnerability assessments.
Q: Which statement regarding a honeypot is NOT true?
Answer: It cannot be part of a honeynet.
Q: If a software application aborts and leaves the program open, which control structure is it using?
Answer: Fail-Open
Q: Which statement about vulnerability scanning is true?
Answer: It uses automated software to scan for vulnerabilities.
Q: If a tester is given the IP addresses, network diagrams, and source code of customer applications, the tester is using which technique?
Answer: White Box
Q: Which statement regarding TCP SYN port scanning is NOT true?
Answer: It uses FIN messages that can pass through firewalls and avoid detection.
Q: An event that appears to be a risk but turns out not to be one is called a _____.
Answer: False Positive
Q: What is NOT a response to risk?
Answer: Resistance
Q: What approach is NOT a part of the Simple Risk Model?
Answer: Regulatory
Q: A(n) _____ risk control type would use video surveillance systems and barricades to limit access to secure sites.
Answer: Operational
Q: A statement regarding due diligence would be found in which security policy?
Answer: Security-related human resource policy
Q: Which risk category addresses events that impact the daily business of the organization?
Answer: Operational
Q: _____ management covers the procedures of managing object authorizations.
Answer: Privilege
Q: _______ is defined as the obligations that are imposed on owners and operators of assets to exercise reasonable care of the assets and take necessary precautions to protect them.
Answer: Due care
Q: What is a collection of suggestions that should be implemented?
Answer: Guideline
Q: Which statement is NOT a guideline for developing a security policy?
Answer: Require all users to approve the policy before it is implemented.
Q: Which statement is NOT something that a security policy must do?
Answer: State reasons why the policy is necessary.
Q: Which person should NOT serve on a security policy development team?
Answer: Representative from a hardware vendor
Q: Which policy defines the actions users may perform while accessing systems and networking equipment?
Answer: Acceptable Use Policy
Q: ________ may be defined as the study of what people understand to be good and right behavior and how people make those judgments.
Answer: Ethics
Q: Which recommendation would NOT be found in a password management and complexity policy?
Answer: Do not use alphabetic characters.
Q: For adult learners, a(n) _____ approach (the art of helping an adult learn) is often preferred.
Answer: Andragogical
Q: Requiring employees to clear their workspace of all papers at the end of each business day is called _____.
Answer: Clean Desk Policy
Q: What is the security risk of a P2P network?
Answer: A virus can be transmitted.
Q: Which statement is NOT a general security recommendation when using social networking sites?
Answer: Only access a social networking site on personal time.
Q: Which statement does NOT describe a characteristic of a policy?
Answer: Policies communicate a unanimous agreement of judgment.
Q: ___________ is the process of developing an outline of procedures to be followed in the event of a major IT incident or an incident that directly impacts IT.
Answer: IT contingency planning
Q: Who should be involved in a tabletop exercise?
Answer: Individuals on a decision-making level
Q: The average amount of time that it will take a device to recover from a failure that is not a terminal failure is called the _________.
Answer: MTTR
Q: Each of these is a category of fire suppression systems EXCEPT a _____.
Answer: Wet chemical system
Q: Which of these is NOT required for a fire to occur?
Answer: A spark to start the process
Q: An electrical fire like that which would be found in a computer data center is known as what type of fire?
Answer: Class C
Q: Which level of RAID uses disk mirroring and is considered fault-tolerant?
Answer: Level 1
Q: A standby server that exists only to take over for another server in the event of its failure is known as a(n) _____.
Answer: Asymmetric server cluster
Q: What does the abbreviation RAID represent?
Answer: Redundant Array of Independent Drives
Q: What is an example of a nested RAID?
Answer: Level 0+1
Q: A(n) _____ is always running off its battery while the main power runs the battery charger.
Answer: On-Line UPS
Q: Which type of site is essentially a duplicate of the production site and has all the equipment needed for an organization to continue running?
Answer: Hot Site
Q: Which of these is NOT a characteristic of a disaster recovery plan (DRP)?
Answer: It is a private document used only by top-level administrators for planning.
Q: Which question is NOT a basic question to be asked regarding creating a data backup?
Answer: How long will it take to finish the backup?
Q: What does an incremental backup do?
Answer: Copies all files changed since the last full or incremental backup
Q: The chain of _____ documents that the evidence was under strict control at all times and no unauthorized person was given the opportunity to corrupt the evidence.
Answer: Custody
Q: A UPS can perform each of the following EXCEPT _____.
Answer: Prevent certain applications from launching that will consume too much power
Q: What is the maximum length of time that an organization can tolerate between data backups?
Answer: Recovery Point Objective (RPO)
Q: What data backup solution uses the magnetic disk as a temporary storage area?
Answer: Disk to Disk to Tape (D2D2T)
Q: When an unauthorized event occurs, what is the first duty of the computer forensics response team?
Answer: To secure the crime scene
Q: Which authentication factor is based on a unique talent that a user possesses?
Answer: What you do
Q: What is NOT a characteristic of a weak password?
Answer: A long password
Q: Which attack is an attempt to compare a known digest to an unknown digest?
Answer: Pre-image Attack
Q: Which algorithm is the weakest for creating password digests?
Answer: LM (LAN Manager) hash
Q: How is key stretching effective in resisting password attacks?
Answer: It takes more time to generate candidate password digests.
Q: What is NOT a reason why users create weak passwords?
Answer: Most sites force users to create weak passwords even though they do not want to.
Q: What is a hybrid attack?
Answer: An attack that slightly alters dictionary words
Q: A TOTP token code is valid _____.
Answer: For as long as it appears on the device
Q: What is a token system that requires the user to enter the code along with a PIN called?
Answer: Multifactor Authentication System
Q: What is a U.S. Department of Defense (DoD) smart card that is used for identification of active-duty and reserve military personnel?
Answer: Common Access Card (CAC)
Q: Keystroke dynamics is an example of which type of biometrics?
Answer: Behavioral
Q: Creating a pattern of where a user accesses a remote web account is an example of _____.
Answer: Geolocation
Q: What is a decentralized open-source FIM that does not require specific software to be installed on the desktop?
Answer: OpenID
Q: Which human characteristic is NOT used for biometric identification?
Answer: Weight
Q: _____ biometrics is related to the perception, thought processes, and understanding of the user.
Answer: Cognitive
Q: Using one authentication credential to access multiple accounts or applications is known as _____.
Answer: Single Sign-On
Q: What is a disadvantage of biometric readers?
Answer: Cost
Q: Which single sign-on (SSO) technology depends on tokens?
Answer: OAuth
Q: Why should the account lockout threshold not be set too low?
Answer: It could result in denial of service (DoS) attacks.
Q: Which one-time password is event-driven?
Answer: HOTP
Q: What is the current version of TACACS?
Answer: TACACS+
Q: How is the Security Assertion Markup Language (SAML) used?
Answer: It allows secure web domains to exchange user authentication and authorization data
Q: A RADIUS authentication server requires that the _______ be authenticated first.
Answer: Supplicant
Q: What is NOT part of the makeup of the AAA elements in network security?
Answer: Determining user need (analyzing)
Q: With the development of IEEE 802.1x port security, the _____ authentication server has seen even greater usage.
Answer: RADIUS
Q: Which authentication protocol is available as a free download that runs on Microsoft Windows, Apple Mac OS X, and Linux?
Answer: Kerberos
Q: What is the version of the X.500 standard that runs on a personal computer over TCP/IP?
Answer: LDAP
Q: A user entering her user name would correspond to the __________ action in access control.
Answer: Identification
Q: A process functioning on behalf of the user who attempts to access a file is known as a(n) _____.
Answer: Subject
Q: What is the name given to the individual who periodically reviews security settings and maintains records of access by users?
Answer: Custodian
Q: In the ________ model, the end-user cannot change any security settings.
Answer: Mandatory Access Control
Q: Which statement about Rule Based Access Control is true?
Answer: It dynamically assigns roles to subjects based on rules.
Q: _____ in access control means that if a condition is not explicitly met, then access is to be rejected.
Answer: Implicit Deny
Q: Which of these is a set of permissions that is attached to an object?
Answer: Access Control List (ACL)
Q: Which Microsoft Windows feature provides centralized management and configuration of computers and remote users who are using Active Directory?
Answer: Group Policy
Q: A(n) _____ constructs LDAP statements based on user inputs in order to retrieve information from the database or modify its contents.
Answer: LDAP injection attack
Q: What is the least restrictive access control model?
Answer: Discretionary Access Control (DAC)
Q: The principle known as _________ in access control means that each user should be given only the minimal amount of privileges necessary for that person to perform his job function.
Answer: Least Privilege
Q: A(n) _________ is the person who is responsible for the information, determines the level of security needed for the data, and delegates security duties as required.
Answer: Owner
Q: In the Mandatory Access Control (MAC) model, every subject and object _____.
Answer: Is assigned a label
Q: Which technology is NOT a characteristic of a mobile device?
Answer: Physical keyboard
Q: Each optional feature is found on most mobile devices EXCEPT ________.
Answer: Operating System
Q: What type of computer most closely resembles a desktop computer?
Answer: Laptop
Q: Tablet computers are designed for _______.
Answer: Ease of use
Q: One of the first mobile devices was a _______.
Answer: Personal Digital Assistant (PDA)
Q: What is NOT a size of SD cards?
Answer: SmallSD
Q: What is NOT a risk of connecting a mobile device to a public network?
Answer: Public networks are faster than local networks and can spread malware more quickly to mobile devices.
Q: Mobile devices using _________ are at increased risk of targeted physical attacks.
Answer: Location services
Q: What is one reason Android devices are considered to be at a higher security risk than iOS devices?
Answer: Android apps can be sideloaded
Q: What can a QR code NOT contain?
Answer: Image
Q: What prevents a mobile device from being used until the user enters the correct passcode?
Answer: Lock Screen
Q: Bob has attempted to enter the passcode for his mobile device but keeps entering the wrong code. Now he is asked to enter a special phrase to continue. This means that Bob’s mobile device is configured to ________.
Answer: Reset to factory settings
Q: What does containerization do?
Answer: It separates personal data from corporate data
Q: What allows a device to be managed remotely?
Answer: Mobile Device Management (MDM)
Q: What is NOT a security feature for locating a lost or stolen mobile device?
Answer: Last known good configuration
Q: What enforces the location in which an app can function by tracking the location of the mobile device?
Answer: Geo-Fencing
Q: What is NOT an advantage of BYOD for an organization?
Answer: Cost increases
Q: Which mobile device is the smallest?
Answer: Subnotebook
Q: Where does a web-based computer store user files?
Answer: On the Internet
Q: What is NOT a type of SD card?
Answer: Low-Capacity
Q: Which technology is predominately used for contactless payment systems?
Answer: Near Field Communication (NFC)
Q: Bluetooth falls under the category of _____.
Answer: Personal Area Network (PAN)
Q: Which IEEE WLAN has the highest data rate?
Answer: 802.11ac
Q: Which technology is NOT found in a wireless broadband router?
Answer: Wireless Probe
Q: Why is a rogue AP a security vulnerability?
Answer: It allows an attacker to bypass many of the network security configurations.
Q: What is NOT a risk when a home wireless router is not securely configured?
Answer: Only 50 percent of the packets will be encrypted.
Q: Which Wi-Fi Protected Setup (WPS) method is vulnerable?
Answer: PIN method
Q: If Cora tries to access a free public Wi-Fi at a local coffee shop that requires her to first agree to an Acceptable Use Policy (AUP) before continuing, what type of AP has she encountered?
Answer: Captive Portal
Q: What is the unauthorized access of information from a wireless device through a Bluetooth connection called?
Answer: BlueSnarfing
Q: The primary design of a(n) ________ is to capture the transmissions from legitimate users.
Answer: Evil Twin
Q: What is a vulnerability of MAC address filtering?
Answer: MAC addresses are initially exchanged between wireless devices and the AP in an unencrypted format
Q: What is NOT a limitation of turning off the SSID broadcast from an AP?
Answer: Users can more easily roam from one WLAN to another.
Q: What is the primary weakness of Wired Equivalent Privacy (WEP)?
Answer: Its usage creates a detectable pattern
Q: WPA replaces WEP with _________.
Answer: Temporal Key Integrity Protocol (TKIP)
Q: A Preshared Key (PSK) of fewer than _______ characters may be subject to an attack if that key is a common dictionary word.
Answer: 20
Q: A WEP key that is 128 bits in length __________.
Answer: Has an initialization vector (IV) that is the same length as a WEP key of 64 bits
Q: AES-CCMP is the encryption protocol standard used in _________.
Answer: WPA2
Q: What is the Extensible Authentication Protocol (EAP)?
Answer: A framework for transporting authentication protocols
Q: Which technology should be used instead of LEAP?
Answer: PEAP
Q: What is NOT a type of wireless AP probe?
Answer: WNIC Probe
Q: Which high-speed storage network protocol used by a SAN is IP-based?
Answer: iSCSI
Q: Which Fibre Channel zone is the most restrictive?
Answer: FC hard zone
Q: An attacker cannot use NetBIOS to determine ______.
Answer: List of remote NetBIOS names
Q: Which type of log can provide details regarding requests for specific files on a system?
Answer: Access Log
Q: Which type of device log contains the most beneficial security data?
Answer: Firewall Log
Q: What type of cloud is offered to all users?
Answer: Public Cloud
Q: What would NOT be a valid Internet Control Message Protocol (ICMP) error message?
Answer: Router Delay
Q: Internet Control Message Protocol (ICMP) is NOT used by which kind of attack?
Answer: ICMP Poisoning
Q: What version of Simple Network Management Protocol (SNMP) is considered the most secure?
Answer: SNMPv3
Q: Which Domain Name System (DNS) attack replaces a fraudulent IP address for a symbolic name?
Answer: DNS poisoning
Q: Which of these is the most secure protocol for transferring files?
Answer: SFTP
Q: What is NOT a technique for securing a router?
Answer: Making all configuration changes remotely
Q: What statement about a flood guard is true?
Answer: It prevents DoS or DDoS attacks
Q: What is NOT an entry in a firewall log that should be investigated?
Answer: Successful logins
Q: If a group of users must be separated from other users, what is the most secure network design?
Answer: Connect them to different switches and routers
Q: Why is loop protection necessary?
Answer: It prevents a broadcast storm that can cripple a network
Q: What does MAC limiting and filtering do?
Answer: It limits devices that can connect to a switch
Q: In a network using IEEE 802.1x, a supplicant __________.
Answer: Makes a request to the authenticator
Q: What statement is true regarding security for a computer that boots to Apple Mac OS X and then runs a Windows virtual machine?
Answer: The Windows virtual machine needs its own security
Q: What is NOT a security concern of virtualized environments?
Answer: Virtual servers are less expensive than their physical counterparts
Q: Which secure feature does a load balancer NOT provide?
Answer: Filter packets based on protocol settings
Q: What would NOT be a filtering mechanism found in a firewall rule?
Answer: Date
Q: A(n) _____ can identify the application that sends packets and then make decisions about filtering based on it.
Answer: Application-Aware Firewall
Q: What function does an Internet content filter NOT perform?
Answer: Intrusion Detection
Q: How does network address translation (NAT) improve security?
Answer: It discards unsolicited packets.
Q: How does a virtual LAN (VLAN) allow devices to be grouped?
Answer: Logically
Q: Which device is easiest for an attacker to take advantage of in order to capture and analyze packets?
Answer: Hub
Q: What is NOT an attack against a switch?
Answer: ARP address impersonation
Q: Which statement regarding a demilitarized zone (DMZ) is NOT true?
Answer: It contains servers that are used only by internal network users.
Q: Which statement about network address translation (NAT) is true?
Answer: It removes private addresses when the packet leaves the network.
Q: What is NOT an advantage of a load balancer?
Answer: The risk of overloading a desktop client is reduced.
Q: A(n) _______ intercepts internal user requests and then processes those requests on behalf of the users.
Answer: Proxy server
Q: A reverse proxy _____.
Answer: Routes incoming requests to the correct server
Q: Where is the preferred location for installation of a spam filter?
Answer: With the SMTP server
Q: A _____ watches for attacks and sounds an alert only when one occurs.
Answer: Network Intrusion Detection System (NIDS)
Q: A multipurpose security device is known as _______.
Answer: Unified Threat Management (UTM)
Q: What cannot be used to hide information about the internal network?
Answer: A protocol analyzer
Q: What is the difference between a network intrusion detection system (NIDS) and a network intrusion prevention system (NIPS)?
Answer: A NIPS can take action more quickly to combat an attack.
Q: If a device is determined to have an out-of-date virus signature file, then Network Access Control (NAC) can redirect that device to a network by _____.
Answer: Address Resolution Protocol (ARP) poisoning
Q: A firewall using _________ is the most secure type of firewall.
Answer: Stateful Packet Filtering
Q: A _________ is a specially formatted encrypted message that validates the information the CA requires to issue a digital certificate.
Answer: Certificate Signing Request (CSR)
Q: _____ performs a real-time lookup of a digital certificate’s status.
Answer: Online Certificate Status Protocol (OCSP)
Q: _____ are symmetric keys used to encrypt and decrypt information exchanged during the session and to verify its integrity.
Answer: Session keys
Q: What is considered the weakest cryptographic transport protocol?
Answer: SSL v2.0
Q: The strongest technology that would assure Alice that Bob is the sender of a message is a(n) _____.
Answer: Digital Certificate
Q: A digital certificate associates ____________.
Answer: The user’s identity with his public key
Q: Digital certificates cannot be used ________.
Answer: To verify the authenticity of the Registration Authorizer
Q: An entity that issues digital certificates is a ________.
Answer: Certificate Authority (CA)
Q: A centralized directory of digital certificates is called a(n) __________.
Answer: Certificate Repository (CR)
Q: In order to ensure a secure cryptographic connection between a web browser and a web server, a(n) _____ would be used.
Answer: Server Digital Certificate
Q: A digital certificate that turns the address bar green is a(n) ________.
Answer: Extended Validation SSL Certificate
Q: The ________-party trust model supports CA.
Answer: Third
Q: Public Key Cryptography Standards (PKCS) ________.
Answer: Are widely accepted in the industry
Q: What statement is NOT true regarding hierarchical trust models?
Answer: It is designed for use on a large scale.
Q: Where can keys NOT be stored?
Answer: In digests
Q: Public Key Infrastructure (PKI) _____.
Answer: Is the management of digital certificates
Q: A(n) _____ is a published set of rules that govern the operation of a PKI.
Answer: Certificate Policy (CP)
Q: Which of these is NOT part of the certificate life cycle?
Answer: Authorization
Q: _____ refers to a situation in which keys are managed by a third party, such as a trusted CA.
Answer: Key Escrow
Q: _____ is a protocol for securely accessing a remote computer.
Answer: Secure Shell (SSH)
Q: A(n) ____________ requires a user to transport it from one computer to another.
Answer: Virus
Q: What is NOT an action that a virus can take?
Answer: Transport itself through the network to another device
Q: Which malware locks up a user’s computer and then displays a message that purports to come from a law enforcement agency?
Answer: Ransomware
Q: What is an attempt to influence a user by coercion?
Answer: Intimidation
Q: A user who installs a program that prints out coupons but in the background silently collects her passwords has installed a _________.
Answer: Trojan
Q: What should you do to completely remove a rootkit from a computer?
Answer: Reformat the hard drive and reinstall the operating system.
Q: What could NOT be defined as a logic bomb?
Answer: Send spam email to all users in the company on Tuesday
Q: What is it called when a user makes a typing error when entering a URL that takes him to an imposter website?
Answer: Typo Squatting
Q: What is a general term used for describing software that gathers information without the user’s consent?
Answer: Spyware
Q: What statement regarding a keylogger is NOT true?
Answer: Software keyloggers are easy to detect
Q: The preferred method today of bot herders for command and control of zombies is ________.
Answer: Hypertext Transport Protocol (HTTP)
Q: A watering hole attack is directed against _______.
Answer: Users who access a common website
Q: ________ sends phishing messages only to wealthy individuals.
Answer: Whaling
Q: What is unsolicited instant messaging called?
Answer: Spim
Q: Michelle pretends to be the help desk manager and calls Steve to trick him into giving her his password. What social engineering attack has Michelle performed?
Answer: Impersonation
Q: How can an attacker use a hoax?
Answer: A hoax could convince a user that a bad Trojan is circulating and that he should change his security settings.
Q: What items retrieved through dumpster diving would NOT provide useful information?
Answer: Books
Q: _________ is following an authorized person through a secure door.
Answer: Tailgating
Q: What is NOT a reason why adware is scorned?
Answer: It displays the attacker’s programming skills.
Q: What is the term used for an attacker who controls multiple zombies in a botnet?
Answer: Bot Herder
Q: What is NOT a reason why securing server-side web applications is difficult?
Answer: The processors on clients are smaller than on web servers and thus they are easier to defend.
Q: What is NOT an HTTP header attack?
Answer: Content-length
Q: What is another name for a locally shared object?
Answer: Flash cookie
Q: Browser plug-ins _________.
Answer: Can be embedded inside a webpage but add-ons cannot.
Q: An attacker who manipulates the maximum size of an integer type would be performing what kind of attack?
Answer: Integer overflow
Q: What kind of attack is performed by an attacker who takes advantage of the inadvertent and unauthorized access built through succeeding systems that all trust one another?
Answer: Transitive
Q: What statement is correct regarding why traditional network security devices cannot be used to block web application attacks?
Answer: Traditional network security devices ignore the content of HTTP traffic, which is the vehicle of web application attacks.
Q: What do attackers use buffer overflows to do?
Answer: Point to another area of data memory that contains the attacker’s malware code
Q: What is unique about a cross-site scripting (XSS) attack compared to other injection attacks?
Answer: XSS does not attack the web application server to steal or corrupt its information
Q: What is a cookie that was not created by the website being viewed called?
Answer: Third-party cookie
Q: What is the basis of a SQL injection attack?
Answer: To inject SQL statements through unfiltered user input
Q: What action cannot be performed through a successful SQL injection attack?
Answer: Reformat the web application server’s hard drive
Q: Which markup language is designed to carry data?
Answer: XML
Q: What type of attack involves an attacker accessing files in directories other than the root directory?
Answer: Directory Traversal
Q: Which type of attack modifies the fields that contain the different characteristics of the data that is being transmitted?
Answer: HTTP Header
Q: What is a session token?
Answer: A random string assigned by a web server
Q: Which of these is NOT a DoS attack?
Answer: Push Flood
Q: What type of attack intercepts legitimate communication and forges a fictitious response to the sender?
Answer: Man-in-the-Middle
Q: A replay attack _________.
Answer: Makes a copy of the transmission for use at a later time
Q: DNS poisoning ____________.
Answer: Substitutes DNS addresses so that the computer is automatically redirected to another device.
Q: What type of controls are the processes for developing and ensuring that policies and procedures are carried out?
Answer: Administrative Controls
Q: What is NOT an activity phase control?
Answer: Resource Control
Q: What is NOT designed to prevent individuals from entering sensitive areas but instead is intended to direct traffic flow?
Answer: Barricade
Q: Which of the following is NOT a motion detection method?
Answer: Moisture
Q: The residential lock most often used for keeping out intruders is the ________.
Answer: Keyed Entry Lock
Q: A lock that extends a solid metal bar into the door frame for extra security is the ____________.
Answer: Deadbolt Lock
Q: What statement about a mantrap is true?
Answer: It monitors and controls two interlocking doors to a room.
Q: What cannot be used along with fencing as a security perimeter?
Answer: Vapor Barrier
Q: A ___________ can be used to secure a mobile device.
Answer: Cable Lock
Q: What is NOT a characteristic of an alarmed carrier PDS?
Answer: Periodic Visual Inspections
Q: What is the first step in securing an operating system?
Answer: Develop a security policy.
Q: A typical configuration baseline would NOT include _____________.
Answer: Performing a security risk assessment
Q: What is NOT a Microsoft Windows setting that can be configured through a security template?
Answer: Keyboard Mapping
Q: ___________ allows for a single configuration to be set and then deployed to many or all users.
Answer: Group Policy
Q: A ____________ addresses a specific customer situation and often may not be distributed outside that customer’s organization.
Answer: Hotfix
Q: What is NOT an advantage of an automated patch update service?
Answer: Users can disable or circumvent updates just as they can if their computer is configured to use the vendor’s online update service.
Q: What is NOT a state of data that DLP examines?
Answer: Data In-Process
Q: How does heuristic detection detect a virus?
Answer: A virtualized environment is created and the code is executed in it.
Q: What is a list of approved email senders?
Answer: Whitelist
Q: What statement about data loss prevention (DLP) is NOT true?
Answer: It can only protect data while it is on the user’s personal computer
Q: The Hashed Message Authentication Code (HMAC) __________.
Answer: Encrypts the key and the message
Q: What is the latest version of the Secure Hash Algorithm?
Answer: SHA-3
Q: Which encryption method cannot be broken mathematically?
Answer: OTP
Q: Elliptic Curve Diffie-Hellman (ECDH) is an example of _________.
Answer: In-band Key Exchange
Q: Which key exchange uses the same keys each time?
Answer: Diffie-Hellman (DH)
Q: Public key systems that generate random public keys that are different for each session are called _______.
Answer: Perfect Forward Secrecy
Q: What is data called that is to be encrypted by inputting it into a cryptographic algorithm?
Answer: Plaintext
Q: What is NOT a basic security protection for information that cryptography can provide?
Answer: Risk Loss
Q: The areas of a file in which steganography can hide data do NOT include ________.
Answer: In the directory structure of the file system
Q: Proving that a user sent an email message is known as _____.
Answer: Non-Repudiation
Q: A(n) _________ is not decrypted but is only used for comparison purposes.
Answer: Digest
Q: What is NOT a characteristic of a secure hash algorithm?
Answer: Collisions should be rare
Q: What protection is provided by hashing?
Answer: Integrity
Q: Which of these is the strongest symmetric cryptography algorithm?
Answer: Advanced Encryption Standard
Q: If Bob wants to send a secure message to Alice using an asymmetric cryptographic algorithm, which key does he use to encrypt the message?
Answer: Alice’s public key
Q: A digital signature can provide each of the following benefits EXCEPT ___________.
Answer: Verify the receiver
Q: Which asymmetric cryptography algorithm is the most secure?
Answer: RSA
Q: Which asymmetric encryption algorithm uses prime numbers?
Answer: RSA
Q: The Trusted Platform Module (TPM) _________.
Answer: Provides cryptographic services in hardware instead of software
Q: What has an onboard key generator and key storage facility, as well as accelerated symmetric and asymmetric encryption, and can back up sensitive material in encrypted form?
Answer: Hardware Security Module (HSM)