MIS399 – Chapter 14 (Quiz 8)

  1. __________ is a PowerShell-based approach to configuration management of a system.  Desired State Configuration (DSC)
  2. A __________ is a more formal, larger software update that can address several or many software problems.  Patch
  3. A benefit of SHA-1 hashing is its resistance to a collision attack.   False
  5. A bridge operates at the OSI model network layer.   False
  6. A control classified as preventative has to be known by a person in order to be effective.  False
  7. All connections on a switch share a single collision domain.  False
  8. All input validation should be performed on the server side of the client-server relationship, where it is free from outside influence and change.   True
  9. Before magnetic storage media (such as disks or tapes) is discarded in the trash or sold for salvage, it should have all files deleted and should be overwritten at least ________ times with all 1’s, all 0’s, and then random characters.  Three
  10. Common uses of hashing algorithms are to store computer passwords and to ensure message ________   integrity
  11. Criminal activity on the Internet, at its most basic, is quite different from criminal activity in the physical world.  False
  12. Due to many design errors, Microsoft labeled Windows Server 2008 as its “most flawed server” and quickly moved to the next version  False
  13. Evidence that must be legally qualified and reliable is known as ________.   competent evidence
  14. Executable code integrity can be verified using host-based intrusion detection systems.  True
  15. Hardening applications is similar to hardening operating systems.  True
  16. How did the Code Red worm spread?  It made use of a buffer-overflow condition in Microsoft’s IIS web servers that had been known for a month.
  17. How do most advanced persistent threats (APTs) begin?  Most APTs begin through a phishing or spear phishing attack.
  18. In a Linux system, permissions are modified using the __________ command.  Chmod
  19. In a UNIX operating system, which runlevel reboots the machine?  6
  21. In an “old school” attack, which step is a listing of the systems and vulnerabilities to build an attack game plan?   Enumeration
  22. In which CMMI-DEV maturity level does an organization continually improve its processes based on a quantitative understanding of its business objectives and performance needs?  Level 5: Optimizing
  23. In which phase of the secure development lifecycle model would you employ use cases?  Testing phase
  24. IPv6 complexity increases operational challenges for correct deployment.   True
  25. Major legal awards have been decided based on failure to retain information.  True
  26. Once a hash value is generated, it is not reversible.  True
  27. Phishing is the most common form of social engineering attack related to computer security.  True
  28. Protecting data while in use is a much trickier proposition than protecting it in transit or in storage.  True
  29. RAID increases reliability through the use of redundancy.  True
  30. Recovery is the returning of the asset into the business function.  True
  31. Reverse social engineering is easier to execute than social engineering.   False
  32. ROT13 is a special case of a Caesar ________ cipher where each character is replaced by a character 13 places later in the alphabet.  Substitution
  33. Service pack is the term given to a small software update designed to address a specific problem, such as a buffer overflow in an application that exposes the system to attacks.  False
  34. Snapshots are instantaneous save points in time on virtual machines.  True
  35. Tangible objects that prove or disprove fact are what type of evidence?  Real Evidence
  36. The objective in risk management is to have a set of overlapping controls such that the total cost of ownership (TCO) is minimized.  True
  37. The only means of social engineering is through direct contact between the target and the attacker.   False
  38. The security kernel is also known as a __________.  reference monitor
  39. The Vigenère cipher works as a(n) ________ cipher that depends on a password.  polyalphabetic substitution
  40. Time can be manipulated to drive a sense of ________ and prompt shortcuts that can lead to opportunities for interjection into processes.  Urgency
  41. Unvalidated input that changes the code functioning in an unintended way is which type of coding error?   Code Injection
  42. Virtualization can be used as a form of sandboxing with respect to an entire system.  True
  43. What command stops a service in UNIX?  Kill
  44. What command stops a service in UNIX?  Stop is the correct response, but may be End
  45. What does a host-based IDS monitor?  Activity on an individual system
  46. What is a key benefit of adequate change management?   The assurance of code consistency and integrity
  47. What is an advantage of a host-based IDS?  It can reduce false-positive rates.
  48. What is taking place when a switch is bombarded with packets from different MAC addresses that flood the switch table, forcing the device to respond by opening all its ports and act as a hub?    MAC Flooding
  49. What term describes today’s series of worldwide interconnected networks?   Internet
  50. What term refers to the process of establishing a system’s operational state?   Baselining
  51. What tool is the protocol/standard for the collection of network metadata on the flows of network traffic?  NetFlow
  52. What was the primary lesson learned from the Slammer worm?   It drove home the point that the Internet could be adversely impacted in a matter of minutes.
  53. When deleted, a file is removed from its original place on the storage device and is only available in the recycle bin.  False
  54. When performing forensics on a computer system, you should use the utilities provided by that system.  False
  55. Which change management phase is closely related to configuration control and involves gathering and maintaining information relative to each configuration item?  Configuration status accounting
  56. Which component of an IDS collects activity/events for the IDS to examine?  Traffic Collector
  57. Which confidentiality model is defined by controlling read and write access based on conflict of interest rules?  Brewer-Nash security model
  58. Which document outlines what the loss of any critical functions will mean to the organization?  Business impact analysis (BIA)
  59. Which encryption algorithm is one of the more popular symmetric algorithms in use today?  3DES
  60. Which formula is used to calculate the single loss expectancy (SLE)?   SLE = asset value (AV) × exposure factor (EF)
  61. Which password is weakest?   P@$$w0rd
  62. Which product filters out junk e-mail?   Antispam
  63. Which protection ring has the highest privilege level and acts directly with the physical hardware?  Ring 0
  64. Which RAID configuration, known as byte-striped with error check, spreads the data across multiple disks at the byte level with one disk dedicated to parity bits?  RAID 3
  65. Which RAID configuration, known as mirrored disks, copies the data from one disk onto two or more disks?  RAID 1
  66. Which removable media uses a laser to pick up deformities embedded in the media that contain the information?   Optical
  67. Which security concept uses the approach of protecting something by hiding it?  Security through obscurity
  68. Which security principle is characterized by the use of multiple, different defense mechanisms with a goal of improving the defensive response to an attack?  Defense in depth
  69. Which security principle is described as always using simple solutions when available?  Economy of mechanism
  70. Which statement accurately describes how pharming is accomplished?  The user is directed to a fake web site as a result of modification of local host files, which are used to convert URLs to the appropriate IP address
  71. Which statement describes how dumpster diving is accomplished?  An attacker attempts to find little bits of information that could be useful for an attack in a target trash can.
  72. Which statement describes how piggybacking is accomplished?  An attacker follows closely behind a person who has just used their own access card or PIN to gain physical access to a room or building.
  73. Which statement describes how shoulder surfing is accomplished?  An attacker directly observes the target entering sensitive information on a form, keypad, or keyboard.
  74. Which statement describes the main difference between TCP and UDP packets?  TCP packets are connection oriented, whereas UDP packets are connectionless.
  75. Which statement describes why social engineering is successful?   People have a basic desire to be helpful.
  76. Which technique scans mail as it leaves an organization to catch spam before it is sent to other organizations?  Egress filtering
  77. Which technique uses random inputs to check for exploitable buffer overflows?  Fuzz testing
  78. Which term defines a collection of two or more honeypots?  Honeynet
  79. Which term describes a category of attacks that generally are conducted over short periods of time (lasting at most a few months), involve a smaller number of individuals, have little financial backing, and are accomplished by insiders or outsiders who do not seek collusion with insiders?  Unstructured threat category
  80. Which term describes a network designed for a specific geographic locality such as a town or a city?  Metropolitan area network
  81. Which term describes a topology where all of the network components are connected to a central point?   Star
  82. Which term generally refers to the standard of care a business is expected to exercise in preparation for a business transaction?  Due Care
  83. Which term implies the concept of “don’t keep what you don’t need”?        Data minimization
  84. Which term is concerned with guaranteeing fundamental fairness, justice and liberty in relation to an individual’s legal rights?  Due Process
  85. Which term refers to a critical operation in the organization upon which many other operations rely and which itself relies on a single item that, if lost, would halt this critical operation?  Single point of failure
  86. Which term refers to a device used to manage or store encryption keys?  Hardware security module (HSM)
  88. Which term refers to a measure of the magnitude of loss of an asset?  Exposure factor (EF)
  89. Which term refers to a risk that remains after implementing controls?  Residual risk
  90. Which term refers to standalone devices, wired into the network and designed to run an application to perform a specific function on traffic?  Appliances
  91. Which term refers to the step between the account having access and the account being removed from the system?  Account expiration
  92. Which term refers to the use of network addressing schemes to restrict machine to machine communication within specific boundaries?  Network segmentation
  94. Which type of proxy keeps local copies of popular client requests and is often used in large organizations to reduce bandwidth usage and increase performance?  Caching Proxy
  95. Which type of testing involves running the system under a controlled speed environment?  Load Testing
  96. Which Windows Server 2016 feature ensures that only known, digitally signed antimalware programs can load right after Secure Boot finishes?  Early Launch Anti-Malware (ELAM)
  97. While NIDS are able to detect activities such as port scans and brute force attacks, they are unable to detect tunneling.   False
  98. Windows Defender is now standard with all versions of the Windows desktop operating systems.  True
  99. Windows Server 2016 replaced the traditional ROM-BIOS with the __________.  Unified Extensible Firmware Interface (UEFI)
  100. If a certificate extension was marked as critical, the key can be used for purposes outside of those listed in the extensions. False
  101. What physical security access control method provides the foundation upon which all other physical security initiatives are based? Barricade
  102. A person’s weight is a biological factor that can be used for authentication. False
  103. What is the best type of fire extinguisher to use in a data processing facility? Type ABC
  104. A mantrap is used to combat tailgating. True
  105. Which term does the Ethernet protocol use to describe the pieces of a message sent across a network? Frame
  106. Which statement describes a common attack mechanism implemented within the ICMP protocol? Launching denial-of-service (DoS) attacks
  107. What is an advantage of enclaves? Enclaves can create areas of trust where special protections can be employed.
  108. Which term describes a network that lies completely inside a trusted area of a network and is under the security control of the system and network administrators? Intranet
  109. Which term is used to describe the hosting of a desktop environment on a central server? Virtual desktop infrastructure (VDI)
  110. A bridge operates at the OSI model network layer. False
  111. Which device forms the basis for connections in most Ethernet-based LANs? Switch
  112. Which device forms the backbone of the Internet, moving traffic from network to network, inspecting packets from every communication as they move traffic in optimal paths? Router
