-
Is “social engineering” part of penetration testing?
yes
-
In what order should critical equipment draw power?
UPS line conditioner, UPS battery, Generator
-
What’s the best reason to use PAT instead of NAT on a new corporate mail gateway?
PAT allows external users to access the mail gateway on “pre-selected” ports.
-
Is “vulnerability exploitation” part of penetration testing?
yes
-
Which order is correct for power: first “UPS battery” and then “UPS line conditioner”, or vice versa?
vice versa
-
What is the most common access control method?
user names and passwords
-
Ports are opened and closed on the ___.
firewalls
-
What is the most basic form of IDS?
signature
-
What algorithm has a small key space?
DES
-
Is the “session key” in an SSL connection symmetric or asymmetric?
symmetric
-
What should you do when conducting a password audit, using a password cracking tool?
use password masking
-
The most secure choice for authenticating remote connections?
RADIUS
-
If you don’t want to have to re-enter credentials for each application just to do your work, the answer is ___.
SSO
-
What kind of biometric authentication device can also reveal personal health information during the authentication process?
retina scanner
-
If a biometric system identifies an unauthorized user and allows them access, it is called ___.
false acceptance (NOT false positive)
-
If you think that files may be being copied to remote locations after hours, but your file server does not have logging enabled, what is the next best place to check?
firewall logs
-
Besides applying the company security template and applying patches, what else is included in the standard procedure for hardening?
closing unnecessary network ports
-
What’s the most efficient way to restrict network access to certain ports enterprise-wide?
use an ACL
-
Is “tcpdump” used for network sniffing?
Yes. tcpdump is a common packet analyzer that runs from the command line. It lets the user intercept and display TCP/IP and other packets being transmitted or received over a network to which the computer is attached. tcpdump works on most Unix-like operating systems.
-
The functions of asymmetric keys are: encrypt, decrypt, ___ and ___.
sign and verify
-
Is closing all unnecessary network ports considered part of “hardening”?
yes
-
“Snort” can be used for ___.
network sniffing
-
What is the IETF?
Internet Engineering Task Force
-
If you want to lock computers after 5 minutes of inactivity, is it better to use: group policy or registry settings?
group policy
-
Is it “buffer overflow” or “SQL injection” if a user places more information in the input field than the program expects, resulting in extra information being placed into the database?
SQL injection
-
Wireshark is used for ___.
network sniffing
-
The most secure alternative for administrative access to a router is ___.
SSH
-
Two reasons for implementing virtualization technology are: to provide a secure virtual environment for testing, and to ___.
reduce recovery time in the event of application failure
-
Describe a “spanned switch port” in the context of IDS traffic analysis.
An association of a set of source ports with a single destination port.
-
A drawback of using PAP authentication is ___.
PAP (Password Authentication Protocol) sends all passwords across the network as clear text
-
SMTP “open relays” are associated with ___.
SPAM
-
What does a single sign-on require?
A unified trust model
-
What is a “security reason” to implement virtualization throughout the network infrastructure?
To isolate the various network services and roles
-
A ___ can show you which NIC is causing a broadcast storm.
protocol analyzer
-
The common mail format for digitally signed and encrypted messages is ___.
S/MIME
-
SMTP ___ are associated with SPAM distribution.
open relays
-
If you want to be able to add new users to a few key groups by default, ___ would allow you to do this.
template
-
Why might you want to implement security logging on a DNS server?
to monitor unauthorized zone transfers
-
___ creates a security buffer zone between two rooms.
mantrap
-
The primary way of establishing SAs (security associations) and managing VPN keys is via ___.
ISAKMP
-
Is temporal key interchange protocol part of IPSec?
no
-
Spammers have learned that by hijacking ___, they can launder their spam while spoofing their identity.
open relays
-
What is the main problem with biometric devices?
They are expensive and complex
-
Is hashing used to provide integrity or confidentiality?
integrity
-
Does WEP do integrity checking?
yes
-
Can “group policy” be used to secure web browser settings on all network workstations?
yes
-
If you don’t have a NIDS, how can you identify an active attack?
protocol analyzer
-
What type of security testing includes things like documentation review, system configuration review, network sniffing and integrity checking?
passive security testing techniques
-
ISAKMP is the primary way of establishing SAs (security associations) and managing ___ keys.
VPN
-
What processes do you use to monitor and protect the DNS server?
check the DNS records regularly