1. Is “social engineering” part of penetration testing?
  2. In what order should critical equipment draw power?
    UPS line conditioner, UPS battery, Generator
  3. What’s the best reason to use PAT instead of NAT on a new corporate mail gateway?
    PAT allows external users to access the mail gateway on “pre-selected” ports.
  4. Is “vulnerability exploitation” part of penetration testing?
  5. Which order is correct for power: first “UPS battery” and then “UPS line conditioner”, or vice versa?
    vice versa
  6. What is the most common access control method?
    user names and password
  7. The way you open and close ports, is on the ___.
  8. What is the most basic form of IDS?
  9. What algorithm has a small key space?
  10. Is the” session key” in an SSL connection symmetric or asymmetric?
  11. What should you do when conducting a password audit, using a password cracking tool?
    use password masking
  12. The most secure choice for authenticating remote connections?
  13. If you don’t want to have to re-enter credentials for each application just to do your work, the answer is ___.
  14. What kind of biometric authentication device can also reveal personal health information during the authentication process?
    retina scanner
  15. If a biometric system identifies an unauthorized user and allows them access, it is called ___.
    false acceptance, (NOT false positive)
  16. If you think that files may be being copied to remote locations after hours, but your file server does not have logging enabled, what is the next best place to check?
    firewall logs
  17. Besides applying the company security template and applying patches, what else is included in the standard procedure for hardening?
    closing unnecessary network ports
  18. What’s the most efficient way to restrict network access to certain ports enterprise-wide?
    use an ACL
  19. Is “TCP dump” used for network sniffing?
    Yes. tcpdump is a common packet analyzer that runs under the command line. It allows the user to intercept and display TCP/IP and other packets being transmitted or received over a network to which the computer is attached. Tcpdump works on most Unix-like operating systems.
  20. The functions of asymmetric keys are: encrypt, decrypt, ___ and ___.
    sign and verify
  21. Is closing all unnecessary network ports, considered part of “hardening”?
  22. “Snort” can be used for ___.
    network sniffing
  23. What is the IETF?
    internet engineering task force
  24. If you want to lock computers after 5 minutes of inactivity, is it better to use: group policy or registry settings?
    group policy
  25. Is it “buffer overflow” or “SQL injection” if a user places more information in the input field than the program expects, resulting in extra information being placed into the database?
    SQL injection
  26. Wireshark is used for ___.
    network sniffing
  27. The most secure alternative for administrative access to a router is ___.
  28. Two reasons for implementing virtualization technology are: to provide a secure virtual environment for testing, and to ___.
    reduce recovery time in the event of application failure
  29. Describe a “spanned switch port” in the context of IDS traffic analysis.
    An association of a set of source ports with a single destination port.
  30. A drawback of using PAP authentication is ___.
    PAP—Password Authentication Protocol sends all passwords across the network as clear text
  31. SMTP “open relays” are associated with ___.
  32. What does a single sign-on require?
    A unified trust model
  33. What is a “security reason” to implement virtualization throughout the network infrastructure?
    To isolate the various network services and roles
  34. A ___ can show you which NIC is causing a broadcast storm.
    protocol analyzer
  35. The common mail format for digitally signed and encrypted messages is ___.
  36. SMTP ___ are associated with SPAM distribution.
    open relays
  37. If you want to be able to add new users to a few key groups by default, ___ would allow you to do this.
  38. Why might you want to implement security logging on a DNS server?
    to monitor unauthorized zone transfers
  39. ___ creates a security buffer zone between two rooms.
  40. The primary way of establishing SAs (security associations) and managing VPN keys is via ___.
  41. Is temporal key interchange protocol part of IPSec?
  42. Spammers have learned that by hijacking ___, they can launder their spam while spoofing their identity.
    open relays
  43. What is the main problem with biometric devices?
    They are expensive and complex
  44. Is hashing used to provide integrity or confidentiality?
  45. Does WEP do integrity checking?
  46. Can “group policy” be used to secure web browser settings on all network workstations?
  47. If you don’t have a NIDS, how can you identify an active attack?
    protocol analyzer
  48. What type of security testing includes things like documentation review, system configuration review, network sniffing and integrity checking?
    passive security testing techniques
  49. ISAKMP is the primary way of establishing SAs (security associations) and managing ___ keys.
  50. What processes do you use to monitor and protect the DNS server?
    check the DNS records regularly
Card Set