click below
click below
Normal Size Small Size show me how
Security Plus 5
COMPTIA Security + 5
Question | Answer |
---|---|
What step in the SSL protocol allows for client and server authentication, MAC, and encryption algorithm negotiation, and selection of cryptographic keys? | SSL handshake protocol |
Example of a physical access barrier could be what? | Security guard |
“Due Care” is what? | Policies and procedures intended to reduce the likelihood of damage or injury. |
You discover a lock on the window of an office adjacent to the server room broken. You tell the resident of that office. You do NOT follow up to see if it has been fixed. What affect will this have on the likelihood of a threat? | If the window is not repaired, the likelihood of the threat will increase. |
Providing false information about the source of an attack is known as? | Spoofing |
In order for User A to send User B an e-mail message that only User B can read, User A must encrypt the e-mail with what? | User B’s public key |
When a cryptographic system’s keys are no longer needed, the keys should be? | Destroyed or stored in a secure manner. |
Access controls that are created and administered by the data owner are considered? | DACs (Discretionary Access Control) |
When a string of data is sent to a buffer that is larger than the buffer was designed to handle is an? | Buffer overflow |
One way to limit hostile sniffing on a LAN is by installing what type of hardware device? | Ethernet switch |
An attacker manipulates what field of an IP packet in an IP spoofing attack? | Source address field |
The term cold site refers to what? | A location to begin operations during disaster recovery. |
In decentralized privilege management, user accounts are stored on what? | Individual servers |
Most certificates used for authentication are based on what standard? | X.509v3 |
An administrator notices an e-mail server is currently relaying e-mail for any e-mail server requesting relaying. Upon further investigation the administrator notices the existence of /etc/mail/relay domains. What modifications should the administrator | Delete the * entry in the relay domain file and restart the e-mail process. |
An application that appears to perform a useful function but instead contains some sort of malicious code is called? | Trojan Horse |
A piece of code that appears to do something useful while performing a harmful and unexpected function like stealing passwords is? | Trojan Horse |
What program is able to distribute itself without using a host file? | Worm |
A piece of malicious code that can replicate itself has no productive purpose and exist only to damage computer systems or create further vulnerabilities is called? | Worm |
An autonomous agent that copies itself into one or more host programs, then propagates when the host is run, is best described as a what? | Virus |
A program that can infect other programs by modifying them to include a version of it self is a what? | Virus |
User A needs to send a private e-mail to User B. User A doesn’t want anyone to have the ability to read the e-mail except User B, thus retaining privacy. What tenet of info security is User A using? | Confidentiality |
What kind of attack is a type of security breach to a computer that doesn’t usually result in the theft of information or other security loss, but the lack of legitimate use of that system? | DOS |
Computer forensics experts collect and analyze data using what to minimize data loss? | Chain of custody |
What is typically included in a CRL (Certificate Revocation List)? | Certificates that have been disabled before their scheduled expiration. |
What are three characteristics of a computer virus? | Replication mechanism, activation mechanism, and objective. |
Forensic procedures must be followed exactly to ensure the integrity of data obtained in an investigation. When making copies of data from a machine that isbeing examined, what task should be done to ensure it is an exact duplicate? | Perform a cyclic redundancy check using a checksum or hashing algorithm. |
In responding to incidents such as security breaches, one of the most important steps taken is? | Containment |
You are explaining SSL to junior administrators and come up to the topic of handshaking. How many steps are employed between the client and server in the SSL handshake process? | 6 |
One of the factors that influence the life span of a public key certificate and its associated keys is the? | Value of data being protected. |
A network attack that misuses TCP’s three way handshake to overload serversand deny access to legitimate users is called? | SYN flood |
If a private key becomes compromised before its certificate normal expiration, X.509 defines a method requiring each CA (Certification Authority) to periodically issue a signed data structure called what? | Revocation list |
SSL session keys are available in what two lengths? | 40-bit and 128-bit |
You are researching the ARO and need to find specific data that can be used forrisk assessment. What will you use to find the information? | Insurance companies |