1. What device will tell you if you’re being hit by a bot net?
    performance monitor (PM)
  2. ___ is where an attacker leaves a piece of removable media like a CD ROM, in a place where an unsuspecting user is likely to find it.
    Baiting. This attack is sometimes called a road apple
  3. What are Nessus and Nmap?
    security analyzers for UNIX systems
  4. What are MBSA and SCW?
    security analyzers for Microsoft
  5. What is mutual authentication?
    first a service or resource verifies the client’s credentials, then the client verifies the resource’s credentials
  6. The “marker” in a message, is an example of ___.
  7. How do you decrypt a hash?
    you cannot
  8. What is a one-time pad?
    an encryption algorithm where a key is used only once
  9. What is TPM?
    trusted platform module that goes with “bit locker” that generates keys and random numbers. Can be used to encrypt your drive or for digital rights management or to authenticate hardware
  10. What is MD5?
    a hashing algorithm
  11. What is SHA?
    secure hash algorithm
  12. What is LANMAN?
    a hashing algorithm that creates weak passwords
  13. What is NTLM?
    a hashing algorithm authentication protocol
  14. AES and ___ go together.
  15. Reindale and ___ go together.
  16. Elliptic curve algorithm is ___.
  17. Another term for a marker inserted into a message is ____.
    digital signature
  18. What was the first successful algorithm to be designed for public key encryption?
  19. Rijindel is the most popular form of ___.
  20. What is PPP?
    point-to-point protocol
  21. What does PPP (point to point) protocol do?
    it enables a work station to communicate to a server using a serial connection. It requires little configuration
  22. What does Diffe-Hellman provide you?
    secure key exchange
  23. What is IDS?
    intrusion detection system
  24. What is a domain name?
    the symbolic name that identifies a domain, like www.everythingforcoffee.com usually associated with a company or other organization
  25. HIDS stands for ___.
    host-based intrusion detection system
  26. DSA stands for ___.
    Digital signature algorithm, used only for authentication. Similar to RSA
  27. 802.11i specifies what kind of encryption?
  28. Shared-key encryption is the same as ___.
    Symmetric encryption
  29. Symmetric encryption is the same as ___.
    Shared-key encryption
  30. Why might environmental controls be considered to be critical?
    if the HVAC system goes out during summertime
  31. What is port 25?
  32. What is port 110?
  33. What is port 443?
  34. What is port 80?
  35. What really is HTTPS?
    HTTP over SSL
  36. What are the two OSI model layer acronyms?
    all people seem to need data processing, and please do not throw stale pizza away
  37. DAC and RBAC are very similar, so look for the word ___ in the working of the question.
  38. Why require a mandatory vacation?
    to audit the person on vacation
  39. What is PMI?
    privilege management infrastructure
  40. Does MAC or DAC deal with top secret, secret, etc. levels?
  41. Does MAC or DAC use ACLs?
  42. What does ACL mean?
    access control list
  43. ___ over-rules any other access you may have.
  44. List the three authentication factors.
    something you know, have and are
  45. Kerberos authentication is based on a ___ ticket granting system.
    time sensitive
  46. What is a DC?
    domain controller: a server that responds to security authentication requests
  47. What is KBA?
    knowledge based authentication, i.e. Your mother’s maiden name
  48. What two things are related by the DNS server?
    host names and their associated IP addresses
  49. Most hosts are named ___.
  50. A ___ is a computer that enables resource sharing by other computers on the same network.
Card Set