-
How do you “automate” the deployment of updates to workstations and servers?
use a patch management system
-
What provides a 128-bit hash?
MD5
-
The primary way to mitigate Trojans is ___.
apply proper security permissions to files and folders
-
Who is ultimately responsible for the amount of residual risk?
senior management
-
___ access control grants permissions based on the user’s position in the company.
role based
-
Is SAFER a key-exchange protocol?
No. In cryptography, SAFER (Secure And Fast Encryption Routine) is the name of a family of block ciphers
-
What’s the best way to secure log files?
copy them to a remote log server
-
What algorithm is employed by TLS?
Diffie-Hellman. TLS is Transport Layer Security
-
What is the best wireless security practice?
WPA2 with TKIP, which is temporal key integrity protocol
-
The process of least privilege protects ___.
confidentiality
-
Only the ___ authentication method protects from “replay” attacks.
Kerberos
-
What type of thing won’t help to reduce a “single point of failure”?
mandatory vacations
-
A (an) ___ algorithm is fast and hard to break if a large key size is used.
symmetric
-
What should a technician do if he finds illegal content during an incident response?
follow incident response procedures
-
Two things to ensure that appropriate employees have access are ___.
periodic employment verifications, and user/groups rights reviews
-
Port scanners can’t reveal ___.
vulnerabilities
-
Why do security researchers use virtual machines?
to test malware with minimal risk to equipment and software
-
___ is associated with DLL injection.
penetration testing
-
What do you get from proper “logging procedures”?
you know which files have been accessed, and you know who’s logging on to the system
-
A biometric authentication system does not need a ___.
hardware token
-
The oldest asymmetric algorithm is ___.
DES
-
Can steganography be used to watermark graphics for copyright?
yes
-
Is running weekly spyware applications considered a “hardening” technique?
No
-
What allows directory permissions to filter-down through the subdirectory hierarchy?
inheritance
-
When implementing logging-controls on multiple systems, you should consider what?
system clock synchronization and system capacity & performance
-
What can prevent malware from being introduced while browsing the internet?
pop up blockers
-
What is likely to crash a workstation?
penetration testing
-
What is SPIM?
spam targeted at instant messaging or cell phones
-
Which is better to use, to detect a DoS attack: performance monitor or a protocol analyzer?
performance monitor
-
What NAC scanning type is the least intrusive to test the client?
“agentless”. NAC is network access control
-
What protects the ‘home user’ from the internet?
personal firewall
-
How would you logically separate a network through a switch?
VLAN
-
If you intercept ___, you can access a user’s email information.
browser cookies
-
The best way for an administrator to quickly find a PC with a blank administrator password, is to use a ___.
vulnerability scanner
-
Being able to access your email and secure applications from any workstation on the network, is an example of ___.
SSO
-
The best form of high-level encryption is ___.
AES with ECC
-
The best access-control model for the concept of “separation of duties” is ___.
role based access control
-
Administrators having both a regular user account and a privileged user account, is an example of what security principle?
least privilege
-
The primary function of risk management is to reduce a risk to a level ___.
the organization will accept
-
___ will prevent a person from booting from removable storage media, if the correct boot sequence is already set.
BIOS password settings
-
How can you detect a botnet zombie using HTTP traffic to encapsulate IRC traffic?
use an anomaly-based IDS
-
A back door is ___ for ease of administration.
programmed into an application
-
Before being given access to a network, the user must complete ___ and ___.
identification and authentication
-
What generates as much network traffic as port scanning?
vulnerability scanner
-
What should be set as the “default action” in the design of a firewall policy?
implicit deny
-
What type of algorithm is often used in portable devices?
ECC
-
Does a hash-function always have a fixed-length output?
Yes
-
Where should you place the “email proxy” and the “email server” to secure your email infrastructure?
email proxy in the DMZ; email server in the internal network
-
What is the primary security risk associated with removable storage?
confidentiality
-
What type of mapping is used by a static NAT?
one-to-one mapping