-
A ___ scan is non-penetrating
vulnerability
-
Another word for profiling is ___.
footprinting
-
What is OVAL?
open vulnerability and assessment language
-
What are NMUs?
network monitoring utilities
-
What is NIPS?
network intrusion detection systems
-
What is an IRP?
incident response policy
-
How can you prevent cross-site scripting attacks?
disable HTML code in input fields
-
If a cookie is captured, what might they get?
personal information
-
You can only trust a certificate if ___.
you trust the CA that issued it, and you can only trust that CA if you trust the CA above it on the chain
-
A certificate is also ___.
a way to distribute the holder's public key
-
A ___ called a certificate authority issues certificates and the associated public/private key pairs.
server
-
The CA is responsible for setting up the ___.
(trust model)
-
What is a key escrow agent?
a third party that maintains a backup of private keys
-
Digital signatures are covered by which PKCSs?
(#7)
-
Certificate requests are covered by which PKCSs?
(#10)
-
Why do you need to install the CA certification chain?
to add the root CA as a trusted root
-
With digital certificates, you have to balance ___ versus ___.
length of private keys versus how long before requiring renewal
-
SSL is a stateful security protocol that combines ___ with ___.
certificates for authentication with RSA public key encryption
-
A vulnerability scan is ___.
non-penetrating
-
If a user dies, go to the key escrow and fetch his data, before you do what?
(before you revoke his certificate)
-
What is a CRL?
certificate revocation list
-
What is an alternative to key backup?
key escrow
-
In a key escrow scheme, what is it called when only a certain number of agents are required to recover a key?
M of N control
-
What is due care?
a policy that describes how individuals should use and maintain company-issued hardware and software
-
What is “due process”?
it refers to the idea that laws and enforcement must be fair, respectful, and consistent, not necessarily based on law
-
How do you test motion detectors?
walk testing
-
If someone baits you by leaving a CD in a restroom, it is probably a ___.
policy violation test
-
What is a BCP?
business continuity plan
-
What is a DRP?
disaster recovery plan
-
What are SLAs?
service level agreements
-
A backup is considered most secure when it is stored ___ and ___.
offline and offsite
-
What is the difference between a differential backup and an incremental backup?
the IB clears the archive bits
-
What is the difference between a DRP and BCP?
the BCP focuses on keeping the most critical components of a business running after a disaster
-
Is WPA a security implementation?
yes
-
What is OMA?
open mobile alliance
-
What does CTI do?
computer telephony integration allows phone, email, fax and web to work together
-
What is tunneling?
a data transport technique that lets a data packet from one protocol be transferred across a network inside the frame or packet of another protocol, so data from one network type can travel through another network type
-
NPS is an implementation of ___.
RADIUS
-
___ is an implementation of RADIUS.
NPS
-
What is NPS?
network policy server, on Windows Server 2008
-
What is the ISAKMP port number?
500
-
What is the L2TP port number?
1701
-
What is the PPTP port number?
1723
-
What is CHAP?
challenge handshake authentication protocol
-
Buffer overflow attacks can target everything except ___.
firmware
-
Which kind of ActiveX controls are often considered to be more trustworthy?
signed
-
Java has its own protected area of memory called the ___.
sandbox
-
What does the Java bytecode verifier do?
Performs a formatting test to determine if the applet originated from a trustworthy source