50-9

  1. ___ simplifies user and computer security administration.
    directory services
  2. What should you check, if an email server is forwarding emails for another domain?
    SMTP open relay
  3. Which protocol is used for encryption between mail servers?
    TLS (Transport Layer Security), which uses a public key
  4. What is DTP?
    Dynamic Trunking Protocol. VLAN trunking is a method to support multiple VLANs that have members on more than one switch. VLAN hopping is a computer security exploit, a method of attacking networked resources on a VLAN. The basic concept behind all VLAN hopping attacks is for an attacking host on a VLAN to gain access to traffic on other VLANs that would normally not be accessible.
  5. What should you disable, to reduce VLAN jumping?
    DTP (Dynamic Trunking Protocol)
  6. How do you implement a security patch in an enterprise environment?
    download patch from vendor’s secure website; test the patch; install it on all workstations
  7. What is an industry standard for remote logging?
    syslog
  8. What is the strongest encryption form that can be used in all countries?
    WEP
  9. Is a HIDS an in-line device?
    no
  10. In a NIDS, a ___ provides the user interface.
    console
  11. What is often used with L2TP?
    IPSec
  12. How can you increase the collision resistance of a hash?
    use salt
  13. Is signature-based NIDS configuration solely based on network traffic?
    yes
  14. Does L2TP provide confidentiality protection?
    no
  15. What kind of security testing techniques are the following? Determine if the system is properly documented; and learn about security aspects that are only available through documentation.
    passive security testing
  16. How can a technician view the security permissions of a file?
    the ACL (access control list)
  17. You are required to have the ___ privilege, in order to restore a public/private key set on a certificate authority.
    recovery agent
  18. How do you ‘test’ a newly-released patch?
    verify the integrity; verify it’s relevant to your system; test it in a nonproduction environment
  19. Does a firewall log reveal activities related to an ACL?
    yes
  20. Which is more common for securing a web browsing session: HTTPS or SHTTP?
    HTTPS
  21. When is it okay to install a hot fix?
    when no patch is available, AND workarounds do not correct the problem
  22. Can password crackers exploit weaknesses in encryption algorithms?
    yes
  23. What is a message authentication code?
    something you can use to check data integrity
  24. In “remote authentication”, you connect to a domain server in ___.
    another city
  25. What is the MOST efficient way to encrypt large amounts of data?
    symmetric key algorithms
  26. A ___ is an example of having a “user profile” that permits someone who is not an administrator to use an application that requires the user to be an administrator.
    security template
  27. How can you find all the open ports on the network?
    use a network scanner
  28. Programs need the proper ___ to use LDAP.
    authentication credentials
  29. How does RBAC (role-based access control) work?
    1. Users are assigned to roles; 2. Permissions are assigned to roles; 3. Users acquire permissions by being a member of the role
  30. Is Nessus a protocol analyzer?
    No—it’s a vulnerability scanner
  31. A network scanner can show you all the open ports on ___.
    the network
  32. In RBAC, you acquire permissions by being a member of ___.
    the role
  33. Is Wireshark a vulnerability scanner?
    No—it’s a protocol analyzer
  34. When opening an application, the user receives an error they’ve never seen before. It’s probably because ___.
    a patch was pushed out
  35. Which encryption algorithm can be decrypted the fastest, AES or RSA?
    AES
  36. The data custodian is responsible for ___.
    the “recoverability” of the data
  37. Why should DNS logs be archived?
    In case there’s an investigation in the future
  38. Backing up all the data that has changed since the last backup is called ___.
    a differential backup
  39. To minimize the amount of time it takes to recover from your backups, should you use incremental or differential?
    differential
  40. What is the best combination on a wireless network?
    WPA with RADIUS
  41. What is WEP?
    wireless equivalency protocol, using RC4 encryption for 802.11a and 802.11b protocols
  42. What is a procedure to control inbound and outbound traffic on a network segment?
    ACL—access control list used by a router to control traffic
  43. Which log shows unauthorized usage attempts?
    security
  44. How can you detect staff members who are connecting to an unauthorized web site?
    use a protocol analyzer
  45. The secure LDAP port # is ___.
    636
  46. When a workstation connects to a server using SSL, it uses a public key and ___.
    a “session” key
  47. It takes less time to recover a server, if ___.
    the server is implemented as a virtual server instance
  48. What type of threat requires interaction from a staff member?
    a virus
  49. ___ is a tool that permits users to only go to approved business-related websites.
    internet content filter
  50. The “authentication header” modes are ___.
    transport and tunnel
Author: practice361
ID: 18242
Card Set: 50-9
Description: terms