Security +
stuff
45
Computer Networking
Professional
02/08/2014

Cards

Term
Which of the following BEST describes a protective countermeasure for SQL injection?
Definition
Validating user input in web applications
Term
Use of a smart card to authenticate remote servers remains MOST susceptible to which of the following attacks?
Definition
Malicious code on the local system
Term
A CRL is comprised of:
Definition
Public keys.
Term
Which of the following algorithms has well documented collisions? (Select TWO).
Definition
MD5 & SHA
Term
Which of the following transportation encryption protocols should be used to ensure maximum security between a web browser and a web server?
Definition
TLS
Term
Which of the following would a security administrator implement in order to discover comprehensive security threats on a network?
Definition
Vulnerability scan
Term
Data execution prevention is a feature in most operating systems intended to protect against which type of attack?
Definition
Buffer overflow
Term
Privilege creep among long-term employees can be mitigated by which of the following procedures?
Definition
User permission reviews
Term
Which of the following assessments would Pete, the security administrator, use to actively test that an application’s security controls are in place?
Definition
Penetration test
Term
A system administrator is using a packet sniffer to troubleshoot remote authentication. The administrator detects a device trying to communicate to TCP port 49. Which of the following authentication methods is MOST likely being attempted?
Definition
TACACS+
Term
Which of the following can use RC4 for encryption? (Select TWO).
Definition
SSL & WEP
Term
Which of the following protocols is used to authenticate the client and server’s digital certificate?
Definition
TLS
Term
Users at a company report that a popular news website keeps taking them to a web page with derogatory content. This is an example of which of the following?
Definition
DNS poisoning
Term
Jane, a security administrator, has observed repeated attempts to break into a server. Which of the following is designed to stop an intrusion on a specific server?
Definition
HIPS
Term
A security administrator implements access controls based on the security classification of the data and need-to-know information. Which of the following BEST describes this level of access control?
Definition
Mandatory Access Controls
Term
A security administrator has configured FTP in passive mode. Which of the following ports should the security administrator allow on the firewall by default?
Definition
21
Term
Which of the following pseudocodes can be used to handle program exceptions?
Definition
If program module crashes, then restart program module.
Term
Which of the following can Pete, a security administrator, use to distribute the processing effort when generating hashes for a password cracking program?
Definition
Clustering
Term
Which of the following protocols allows for secure transfer of files? (Select TWO).
Definition
SFTP & SCP
Term
During a penetration test from the Internet, Jane, the system administrator, was able to establish a
Definition
22, 23, SSH, Telnet
Term
Jane, a security administrator, has been tasked with explaining authentication services to the company’s management team. The company runs an Active Directory infrastructure. Which of the following solutions BEST relates to the host authentication protocol within the company’s environment?
Definition
Kerberos
Term
Sara, the security administrator, must configure the corporate firewall to allow all public IP addresses on the internal interface of the firewall to be translated to one public IP address on the external interface of the same firewall. Which of the following should Sara configure?
Definition
PAT
Term
Which of the following firewall rules only denies DNS zone transfers?
Definition
deny tcp any any port 53
Term
Pete, the security engineer, would like to prevent wireless attacks on his network. Pete has implemented a security control to limit the connecting MAC addresses to a single port. Which of the following wireless attacks would this address?
Definition
Rogue access point
Term
A security administrator has been tasked to ensure access to all network equipment is controlled by a central server such as TACACS+. This type of implementation supports which of the following risk mitigation strategies?
Definition
User rights and permissions review
Term
Which of the following types of authentication solutions use tickets to provide access to various resources from a central location?
Definition
Kerberos
Term
After a recent breach, the security administrator performs a wireless survey of the corporate network. The security administrator notices a problem with the following output:

MAC                SSID    ENCRYPTION  POWER  BEACONS
00:10:A1:36:12:CC  MYCORP  WPA2 CCMP   60     1202
00:10:A1:49:FC:37  MYCORP  WPA2 CCMP   70     9102
FB:90:11:42:FA:99  MYCORP  WPA2 CCMP   40     3031
00:10:A1:AA:BB:CC  MYCORP  WPA2 CCMP   55     2021
00:10:A1:FA:B1:07  MYCORP  WPA2 CCMP   30     6044

Given that the corporate wireless network has been standardized, which of the following attacks is underway?
Definition
Evil twin
Term
The Chief Information Officer (CIO) has mandated that web-based Customer Relationship Management (CRM) business functions be moved offshore to reduce cost, reduce IT overheads, and improve availability. The Chief Risk Officer (CRO) has agreed with the CIO’s direction but has mandated that key authentication systems be run within the organization’s network. Which of the following would BEST meet the CIO and CRO’s requirements?
Definition
Software as a Service
Term
Which of the following wireless security measures can an attacker defeat by spoofing certain properties of their network interface card?
Definition
MAC filtering
Term
Which of the following offers the LEAST secure encryption capabilities?
Definition
PAP
Term
Disabling unnecessary services, restricting administrative access, and enabling auditing controls on a server are forms of which of the following?
Definition
System hardening
Term
A software development company wants to implement a digital rights management solution to protect its intellectual property. Which of the following should the company implement to enforce software digital rights?
Definition
Public key infrastructure
Term
A security administrator plans on replacing a critical business application in five years. Recently, there was a security flaw discovered in the application that will cause the IT department to manually re-enable user accounts each month at a cost of $2,000. Patching the application today would cost $140,000 and take two months to implement. Which of the following should the security administrator do in regards to the application?
Definition
Accept the risk and continue to enable the accounts each month, saving money
Term
An information bank has been established to store contacts, phone numbers and other records. A UNIX application needs to connect to the index server using port 389. Which of the following authentication services should be used on this port by default?
Definition
LDAP
Term
A company hires outside security experts to evaluate the security status of the corporate network. All of the company’s IT resources are outdated and prone to crashing. The company requests that all testing be performed in a way which minimizes the risk of system failures. Which of the following types of testing does the company want performed?
Definition
Vulnerability scanning
Term
During a routine audit a web server is flagged for allowing the use of weak ciphers. Which of the following should be disabled to mitigate this risk? (Select TWO).
Definition
SSL 1.0 & DES
Term
All of the following are valid cryptographic hash functions EXCEPT
Definition
RC4
Term
Which of the following application security testing techniques is implemented when an automated system generates random input data?
Definition
Fuzzing
Term
Which of the following is BEST used as a secure replacement for TELNET?
Definition
SSH
Term
Which of the following technologies uses multiple devices to share work?
Definition
Load balancing
Term
Sara, a security architect, has developed a framework in which several authentication servers work together to increase processing power for an application. Which of the following does this represent?
Definition
Clustering
Term
Which of the following can be implemented with multiple bit strength?
Definition
AES
Term
A network administrator needs to provide daily network usage reports on all layer 3 devices without compromising any data while gathering the information. Which of the following would be configured to provide these reports?
Definition
SNMPv3