1. ___ simplifies user and computer security administration.
    directory services
  2. What should you check, if an email server is forwarding emails for another domain?
    SMTP open relay
  3. Which protocol is used for encryption between mail servers?
    TLS-transport layer security, which uses public key
  4. What is DTP?
    dynamic trunking protocol. VLAN trunking is a method to support multiple VLANs that have members on more than one switch. VLAN hopping is a computer security exploit, a method of attacking networked resources on a VLAN. The basic concept behind all VLAN hopping attacks is for an attacking host on a VLAN to gain access to traffic on other VLANs that would normally not be accessible.
  5. What should you disable, to reduce VLAN jumping?
    DTP-dynamic trunking protocol
  6. How do you implement a security patch in an enterprise environment?
    download patch from vendor’s secure website; test the patch; install it on all workstations
  7. What is an industry standard for remote logging?
  8. What is the strongest encryption form that can be used in all countries?
  9. Is a HIDs an in-line device?
  10. In a NIDS, a ___ provides the user interface.
  11. What is often used with L2TP?
  12. How can you increase the collision resistance of a hash?
    use salt
  13. Is signature-based NIDS configuration solely based on network traffic?
  14. Does L2TP provide confidentiality protection?
  15. What kind of security testing techniques are the following? Determine if the system is properly documented; and learn about security aspects that are only available through documentation.
    passive security testing
  16. How can a technician view the security permissions of a file?
    the ACL-access control list
  17. You are required to have the ___ privilege, in order to restore a public/private key set on a certificate authority.
    recovery agent
  18. How do you ‘test’ a newly-released patch?
    verify the integrity; verify it’s relevant to your system; test it in a nonproduction environment
  19. Does a firewall log reveal activities related to an ACL?
  20. Which is more common for securing a WEB browsing session: HTTPS or SHTTP ?
  21. When is it okay to install a hot fix?
    when no patch is available, AND workarounds do not correct the problem
  22. Can password crackers exploit weaknesses in encryption algorithms?
  23. What is a message authentication code?
    something you can use to check data integrity
  24. In “remote authentication”, you connect to a domain server in ___.
    another city
  25. What is the MOST efficient way to encrypt large amounts of data?
    symmetric key algorithms
  26. A ___ is an example of having a “user profile” that permits someone who is not administrator, to use an application which requires a user to be an administrator.
    security template
  27. How can you find all the open ports on the network?
    use a network scanner
  28. Programs need the proper ___ to use LDAP.
    authentication credentials
  29. How does RBAC (role-based access control) work?
    1.users assigned to roles; 2. Permissions assigned to roles; 3. Users acquire permissions by being a member of the role
  30. Is NESSUS a protocol analyzer?
    No—it’s a vulnerability scanner
  31. A network scanner can show you all the open ports on ___.
    the network
  32. In RBAC, you acquire permissions by being a member of ___.
    the role
  33. Is wireshark a vulnerability scanner?
    No—it’s a protocol analyzer
  34. When opening an application, the user receives an error they’ve never seen before. It’s probably because ___.
    a patch was pushed out
  35. Which encryption algorithm can be decrypted the fastest, AES or RSA?
  36. The data custodian is responsible for ___.
    the “recoverability” of the data
  37. Why should DNS logs be archived?
    In case there’s an investigation in the future
  38. Backing up all the data that has changed since the last backup is called ___.
    a differential backup
  39. To minimize the amount of time it takes to recover from your backups, should you use incremental or differential?
  40. What is the best combination on a wireless network?
    WPA with RADIUS
  41. What is WEP?
    wireless equivalency protocol, using RC4 encryption for 802.11a and 802.11b protocols
  42. What is a procedure to control inbound and outbound traffic on a network segment?
    ACL—access control list used by a router to control traffic
  43. Which log shows unauthorized usage attempts?
  44. How can you detect staff members who are connecting to an unauthorized web site?
    use a protocol analyzer
  45. The secure LDAP port # is ___.
  46. When a work station connects to a server using SSL, it uses a public key and ___.
    a “session” key
  47. It takes less time to recover a server, if ___.
    the server is implemented as a virtual server instance
  48. What type of threat requires interaction from a staff member?
    a virus
  49. ___ is a tool that permits users to only go to approved business-related websites.
    internet content filter
  50. The “authentication header” modes are ___.
    transport and tunnel
Card Set