A+ flash cards Deluxe11.txt

  1. 1. Which component of physical security addresses outer-level access control? a. perimeter security b. mantraps c. security zones d. strong passwords
    A. The first layer of access control is perimeter security. Perimeter security is intended to delay or deter entrance into a facility.
  2. 2. which technology uses a physical characterstic to establish identity? a. biometrics b. surveillance c. smart card. d. CHAP authenticator
    A. Biometrics is a technology that uses personal characteristics, such as retinal patter or fingerprint, to establish identity.
  3. 3. As part of your training program, you're trying to educate users on the importance of security. You explain to them that not every attack depends on implementign advanced technological methods. Some attacks, you explain, take advantage of human shortcomings to gain access that should otherwise be denied. What term do you use to describe attacks of this type? a. Social enginerring b. IDS system c. Perimeter security d. Biometrics
    A. Social engineering uses the inherent trust in the human species, as opposed to technology, to gain access to your environmnet.
  4. 4. You've recently been hired by ACME to do a security audit. The managers of this company feel that their security measures are inadequate. Which information access control prevents users from writing information down to a lower level of security and prevents users from reading above their level of security? A. Bell-La Padula model b. Biba model c. Clark-Wilson model d. Noninterference model
    A. The Bell-La Padula model is intended to protect confidentiality of information. This is accomplished by prohibiting users from reading above their security level and preventing them from writing below their security level.
  5. 5. What tool is used in Windows Vista to encrypt an entire volume? a. BitLocker b. Syslock c. Drive Defender d. NLock
    A. BitLocker provides drive encryption and is available with Windows Vista.
  6. 6. Which of the following is a chip that can store cryptographic keys, passwords, or certificates and can be used to generate values used with whole disk encryption? a. CHAP b. MAC c. TPM d. BAP
    C. TPM is the name assigned to a chip that can store cryptographic keys, passwords, or certificates. The TPM can be used to generate values used with whole disk encryption.
  7. 7. What biometric reader are many laptop manufacturers now including on their systems? a. voice recognition b. retinal scanner c. fingerprint scanner d. face recognition
    C. Many laptop manufacturers now include fingerprint scanners on their systems.
  8. 8. You've been assigned to mentor a junior administrator and bring him up to speed quickly. The topic you're currently explaining is authentication. Which method uses a KDC to accomplish authentication for users, programs, or systems? a. CHAP b. Kerberos c. Biometrics d. Smart cards.
    B. Kerberos uses a key distribution center to authenticate a principle.
  9. 9. Which authentication method sends a challenge to the client that is encrypted and then sent back to the server? a. Kerberos b. PAP c. DAC d. CHAP
    D. Challenge Handshake Authentication Protocol.
  10. 10. After a careful risk analysis, the value of your company's data has been increased. Accordingly, you're expected to implement authentication solutions that reflect the increased value of the data. Which of the following authentication methods uses more than one authentication process for a logon? a. mutlifactor b. biometrics c. smart card d. kerberos
    a. multifactor
  11. 11. Which of the following services or protocols should be avoided in a network if possible in order to increase security? a. email b. telnet c. WWW d. ICMP
    b. Telnet
  12. 12. Of the following services, which one would be most likely to utilize a retinal scan? a. auditing b. authentication c. access control d. data confidentiality
    b. authentication is a service that requests the principal user to provide proof of his identity.
  13. 13. One of the vice presidents of the company calls a meeting with information technology after a recent trip to competitors' sites. She reports that many of the companies she visited granted access to their buildings only after a fingerprint scans, and she wants similar technology employed at this company. Of the following, which technology relies on a physical attribue of the user for authentication a. smart card b. biometrics c. mutual authentication d. tokens
    b. biometric technologies rely on a physical characteristic of the user to verify identity.
  14. 14. Your company provides medical data to doctors from a worldwide database. Because of the sensitive nature of the data you work with, it's imperative that authentication be established on each session and be valid only for that session. Which of the following authentication methods provides credentials that are valid only during a single session? a. tokens b. certificate c. smart card d. kerberos
    a. tokens.
  15. 15. Your help desk has informed you that they received an urgent phone call from the vice president last night requesting his logon ID and password. What type of attack is this? a. spoofing b. replay attack c. social engineering d. trojan horse
    c. social engineering attack
  16. 16. Internal users are reporting repeated attempts to infect their systems as reported to them by pop-up messages from their virus-scanning software. According to the pop-up messages, the virus seems to be the same in every case. Whati s the most likely culprit? a. a server is acting as a carrier for the virus. b. you have a caterpillar virus. c. your antivirus software has malfunctioned d. a DoS attack is under way.
    a. some viruses won't damage a system in an attempt to spread into all the other systems in a network. These viruses use that system as the carrier of the virus.
  17. 17. You're working late one night, and you notice that the hard disk on your new computer is very active even though you are doing anything on the computer and it isn't connected to the Internet. What is most likely suspect? a. a disk failure is imminent b. a virus is spreading in your system. c. your system is under a DoS attack d. TCP/IP hijacking is being attempted
    B. A symptom of many viruses is unusual activity on the system disk. This is caused by the virus spreading to other files on your system.

    • 18. You're the administrator for a large bottling company. At the end of each month, you routinely view all logs and look for discrepancies. This month, you e-mail system error log reports a large number of unsuccessful attempts to log on. It's apparent that the e-mail server is being targeted. Which type of attack is most likely occurring? a. software exploitation attack b. backdoor attack c. worm d. TCP/IP hijacking
    • A. A software exploitation attack attempts to exploit weaknesses in software. A common attack attempts to communicate with an established port to gain unauthorized access.
  18. 19. Upper management has decreed that a firewall must be put in place immediately, before you site suffers an attack similar to one that struck your sister company. Responding to this order, your boss instructs you to implement a packet filter by the end of the week. A packet filter performs which function? a. prevents unauthorized packets from entering the network. b. allows packets to leave the network c. allows all packets to enter the network d. eliminates collisions in the network
    A. Packet filters prevent unauthorized packets from entering or leaving a network. Packet filters are a type of firewall that block specified traffic based on IP address, protocol, and many other attributes.
  19. 20. Which media is susceptible to viruses? a. tape b. memory stick c. CD-R D. all of the above
    D. All of these devices can store and pass viruses to uninfected systems. Make sure that all files are scanned for viruses before they've copied to these media.
Card Set
A+ flash cards Deluxe11.txt
roarke008, comptia, a+