A Digital signature is a piece of data digest encrypted with: A. The private key of the signer.
A firewall examines each packet entering or leaving the network, and accepts or drops it based on: A. Pre-defined firewall rules
A forensic investigator at a crime lab is performing a forensic analysis of a hard drive that was brought in by state troopers. They make a mistake by using the wrong forensic tool during their forensics examination. What should the investigator do? A. Document the mistake and workaround the problem
A network administrator is evaluating different firewalls. Which of the following firewalls provides deep packet inspection, looks at the packet payload for malicious content, and hides servers from traffic that might be malicious? A. Application layer gateway
A network administrator is evaluating different firewalls. Which of the following firewalls provides protection from the following attacks: Denial of Service (DOS), Cross-Site Scripting (XSS), SQL injection, Cross-Site Request Forgery (CSRF), forceful browsing, cookie poisoning and invalid input? A. Web Application Firewall (WAF)
A newly hired security administrator is reviewing firewall rules for mistakes. Which firewall rules require matching of the interface and direction? A. Anti-spoofing rules
A security administrator wants to empty the DNS cache after a suspected attack that may have corrupted the DNS server. The server has been repaired, however it is feared that DNS entries may remain in client computer caches. Which of the following tools can be used to flush the DNS cache on a Windows client? A. ipconfig
A web application firewall is exactly the same as a network firewall. A. False
A Web application firewall protects Web servers from malicious traffic and blocks attempts to compromise the system. It prevents targeted attacks that include Denial of Service (DOS), Cross-Site Scripting (XSS), SQL injection, Cross-Site Request Forgery (CSRF), forceful browsing, cookie poisoning and invalid input. In which of the following attacks does the attacker gains access to a restricted page within a Web application by supplying a URL directly? A. Forceful browsing
Along with the forensic investigation effort, the man hours and expense should not be tracked since the costs are always justified regardless, of the actual amount involved. A. False
An attacker has targeted Corp.com’s employees with voicemails that attempt to acquire sensitive information by masquerading as a trustworthy entity. Which type of attack is this? A. Vishing
Both DNS poisoning and ARP poisoning involves: A. Spoofing
DoS attacks are for gaining unauthorized access or control of a system. A. False
For what purpose should the network traffic log be analyzed? A. To check for suspicious traffic
For what purpose would it be desired to capture the system image? A. So memory analysis can be performed later
In Active Directory, what does authorization? A. LDAP
In Windows network, transitive trust is used among the different domains inside a forest for implementing: A. Authentication
Many botnets were controlled through using what protocol? A. IRC
MD5 uses a hash value to create a hash which is typically a 32 character hex number and how many bits? A. 128
NIDS is an advanced version of NIPS. A. False
Packet sniffing can be helpful in detecting rogue packets. A. true
Proxies are “devices” that are strictly software-only. A. False
Secure Sockets Layer (SSL) is the predecessor of: A. TLS
SNMP uses which port by default? A. 161
The forensic investigator at a crime lab will be performing a forensic analysis of a hard drive that was brought in by state troopers. What should be done before performing the analysis? A. Capture a system image
The security administrator for a large organization receives numerous alerts from a network-based intrusion detection system (NIDS) of a possible worm infection spreading through the network via network shares. Before taking any drastic action to solve this problem such as blocking file sharing, what should first be done? A. Call an emergency change management meeting to ensure the solution will not have unforeseen negative affects.
The security administrator for Corp.com. You are explaining to your CIO the value of credentialed scanning over non-credentialed scanning. In credentialed scanning, policy compliance plugins give you which advantage? A. Customized auditing
To achieve server scalability, more servers may be added to a configuration and make use of: A. Load balancers
To avoid potential documentary errors and security leaks, the configuration of firewalls should not be documented unless strictly necessary. A. False
Under which of the following does “shoulder surfing” fall A. Social Engineering
Viruses, botnets, social engineering, and drive-by-downloads and other methods used to attack a target are best described as which of the following? A. Threat vectors
What attack involves impersonating another device? A. Spoofing
What can be deployed to intercept and log network traffic passing through the network? A. Protocol analyzers
What can be used to offer an extra layer of protection on the network for those hosts running behind the firewall? A. DMZ
What causes buffer overflow? A. Flaw in programming
What is always the first line of defense in protecting data and information? A. Passwords
What is SSH? A. An encryption management protocol
What protocol offers the capability to deploy RADIUS in an Ethernet network? A. EAP
What will be the available drive space in a RAID 5 configured system with 3 250GB hard drives? A. 500 GB
Which command is used in testing and troubleshooting DNS servers? A. nslookup
Which is not a common symptom of a RAID array failure? A. Overheating
Which of the following are recompiled UNIX tools that can hide evidence of the intrusion? A. Rootkits
Which of the following are zombie armies formed by a number of innocent hosts set up to perform malicious operations? A. Botnets
Which of the following involves deploying a large number of compromised hosts to flood a target system? A. DDoS
Which of the following is a form of delayed-execution virus? A. logic bomb
Which of the following is false concerning vulnerability scanning? A. All scanning attempts must be credentialed
Which of the following is NOT a means used by an attacker to do reconnaissance on a network? A. Smurf Attack
Which of the following is not a measure for achieving availability? A. Hashing
Which of the following is not a valid physical security measure? A. System patching
Which of the following is not an available protocol for security purposes? A. NetBIOS
Which of the following is the main purpose of a firewall? A. Access Control
Which of the following is true regarding cloud storage? A. One may not have control over how exactly the data is safeguarded
Which of the following is usually bundled as a hidden component of a freeware? A. Spyware
Which of the following MAINLY applies to email that appears to be sent from a legitimate business? A. Phishing
Which of the following measures does not protect data integrity? A. Mantrap
Which of the following risks does the use of social networking and P2P platforms pose? A. Social engineering attacks
Which of the following services only requires a single port be opened on the firewall? A. HTTP
Which of the following statement regarding proper patch management is true? A. Applying the correct patch, following the correct procedure, at the correct time
Which port should be filtered (or blocked) to disallow NETBIOS traffic? A. 139
With this type of key cryptography, the sender and receiver of a message share a single common key. A. Symmetric
Other Links:
See other websites for quiz:
Check on QUIZLET