505 Terms
1
What are the non-overlapping channels for 802.11g/n?
Channels 1, 6, and 11
2
Does the S/MIME protocol use certificates?
yes
3
Which two ports does FTP use?
ports 20 and 21
4
Which technique attempts to predict the likelihood that a threat will occur and assigns monetary values in the event a loss occurs?
quantitative risk analysis
5
Which IPSec mode is used to create a VPN between two gateways?
tunnel mode
6
What is the most likely cause of a single computer communicating with an unknown IRC server and scanning other systems on the network?
The computer is infected with a botnet.
7
What does the acronym IDS denote?
Intrusion Detection System
8
Which encryption method is more scalable?
Asymmetric Encryption
9
What is the purpose of DLP?
Data Loss Prevention (DLP) is a network system that monitors data on computers to ensure the data is not deleted or removed.
10
Which port number does NTP use?
port 123
11
Which backup method backs up every file on the server each time it is run?
A full backup
12
What is the term for an unauthorized access that a network-based intrusion detection system (NIDS) fails to detect?
missed detection or false negative
13
Which alternate computing facility is the least expensive to maintain before a disaster occurs?
a cold site
14
What are the three basic questions answered by the chain of custody?
who controlled the evidence, who secured the evidence, and who obtained the evidence
15
Which term refers to the assurance that data has not been altered in transmission?
data integrity
16
What is the purpose of Platform as a Service (PaaS) in cloud computing?
It provides not only a virtualized deployment platform but also a value-added solution stack and an application development platform.
17
What does the acronym FCoE denote?
Fibre Channel over Ethernet
18
At which OSI layer does IP Security (IPSec) operate?
the Network layer (Layer 3)
19
What is meant by the term hardening?
tightening control using security policies to increase system security
20
What do you use to control traffic from the Internet to the LAN (local area network) by controlling the packets that are allowed to enter the LAN?
a firewall
21
According to CompTIA's Security+ examination blueprint, what are the four types of logs that you should monitor for mitigation and deterrence?
event logs, audit logs, security logs, and access logs
22
What are the two types of eye scans?
iris scans and retinal scans
23
What are alternate terms for cross-site request forgery (XSRF)?
session riding or one-click attack
24
What block cipher and key size (in bits) are used by the Clipper Chip?
The Skipjack block cipher and an 80-bit key length
25
Why is GPS tracking often disabled?
It is considered a security threat. As long as GPS tracking is enabled and the mobile device is powered on, the device (and possibly its user) can be located.
26
What is the name of the process for removing only the incriminating data from the audit logs?
scrubbing
27
What ensures that a user is who he claims to be?
identification
28
Which port number does SSH use?
port 22
29
On what does the Pretty Good Privacy (PGP) mail standard rely?
a web of trust
30
Which information do routers use to forward packets to their destinations?
the network address and subnet mask
31
Which account should you rename immediately after installing a new operating system (OS) to harden the OS?
the administrator account
32
Which error condition arises because data is not checked before input to ensure that it has an appropriate length?
buffer overflow errors
33
What is the component included with Windows Vista and higher operating systems that encrypts an entire volume with 128-bit encryption to prevent information from being read if the drive is lost or stolen?
BitLocker
34
What is the purpose of administrative controls?
to implement security policies based on procedures, standards, and guidelines
35
Which fire suppression method, formerly used to suppress fires involving electrical equipment or liquids, has been discontinued?
halon gas
36
On which standard is Lightweight Directory Access Protocol (LDAP) based?
X.500
37
Which public-key algorithm was the first to allow two users to exchange a secret key over an insecure medium without any prior secret keys?
Diffie-Hellman
38
Which authentication protocol separates authentication and authorization: TACACS+ or RADIUS?
TACACS+
39
What was the first public-key algorithm ever used?
Diffie-Hellman
40
Which tool should you use to retrieve the contents of a GET request: a protocol analyzer or port scanner?
a protocol analyzer
41
Which type of controls is implemented to secure physical access to an object, such as a building, a room, or a computer?
a physical or operational control
42
Which protocol provides connectionless integrity, data origin authentication, replay protection, and confidentiality (encryption) using Authentication Header (AH) and Encapsulating Security Payload (ESP)?
Internet Protocol Security (IPSec)
43
What does the acronym MTTR denote?
mean time to repair
44
What is an entity that issues and manages certificates?
certification authority (CA)
45
According to CompTIA's Security+ examination blueprint, what are the three listed reporting techniques for mitigation and deterrence?
alarms, alerts, and trends
46
Which term is used when the amount of work that a computer has to do is divided between two or more computers so that more work is performed in the same amount of time?
load balancing
47
Which type of attack searches long lists of words for a particular language to match them to an encrypted password?
dictionary attack
48
What is spimming?
an instance of spam sent over an instant message application
49
What is a proxy server?
a server that caches and filters content
50
Which type of authentication combines two or more authentication methods, like something that a person knows (such as a password), something that a person owns (such as a smart card), and a characteristic about the person (such as a fingerprint)?
multi-factor authentication
51
Which services are usually provided by all-in-one security devices?
URL filtering, content inspection, and malware inspection
52
Which directory protocol does Directory-Enabled Networking (DEN) use?
Lightweight Directory Access Protocol (LDAP)
53
What is a honeypot?
a decoy system in your network installed to lure potential intruders away from legitimate systems
54
What is the term for a potential opening in network security that a hacker can exploit to attack a network?
a vulnerability
55
What is the most significant misuse of cookies?
misuse of personal data
56
Which setting ensures that repeated attempts to guess a user's password are not possible beyond the configured value?
account lockout
57
What is a smurf attack?
an attack where a ping request is sent to a broadcast network address with the aim of overwhelming the system
58
Is the Message Digest 5 (MD5) algorithm used with symmetric or asymmetric key algorithms?
asymmetric
59
What is the purpose of Infrastructure as a Service (IaaS) in cloud computing?
It provides computer and server infrastructure, typically through a virtualization environment.
60
What is war driving?
the act of discovering unprotected wireless networks by driving around with a laptop
61
What does the acronym DAC denote?
discretionary access control
62
Which audit category will audit all instances of users exercising their rights?
the Audit Privilege Use audit category
63
Which intrusion detection system (IDS) watches for intrusions that match a known identity?
signature-based IDS
64
Which security protocol was designed as an interim solution to replace WEP without requiring the replacement of legacy hardware?
Temporal Key Integrity Protocol (TKIP)
65
What is the recommended action when the cost of the safeguard exceeds the amount of the potential loss for a given risk?
to accept the risk
66
What is a VPN concentrator?
a device that creates a virtual private network (VPN)
67
Does each VLAN create its own collision domain or its own broadcast domain?
broadcast domain
68
What is a warm site?
an alternate computing facility with telecommunications equipment but no computers
69
What does the acronym POP denote?
Post Office Protocol
70
Which type of cryptography relies more on physics, rather than mathematics, as a key aspect of its security model?
quantum cryptography
71
What is the main difference between an IDS and an IPS?
An IDS detects intrusions. An IPS prevents intrusions.
72
What is the term for an authorized access that a network-based intrusion detection system (NIDS) incorrectly detects as an attack?
false positive
73
What is another name for RAID 5?
disk striping with parity
74
What is the key size, in bits, of the Data Encryption Standard (DES)?
56
75
What is another name for RAID 0?
disk striping
76
What are the two advantages of single sign-on (SSO)?
convenience and centralized administration
77
Which type of virus can change its signature to avoid detection?
polymorphic
78
Which type of attack is characterized by an attacker who takes over the session of an already authenticated user?
hijacking
79
Which term refers to voice communication over a network?
telephony or Voice over IP (VoIP)
80
Which type of disaster recovery site provides very little fault tolerance for the primary data center and relies on backups to bring the data center back online?
cold site
81
Which protocol does the Enterprise mode of WPA and WPA2 use for authentication?
Extensible Authentication Protocol (EAP)
82
Which type of cipher encrypts data in fixed-size blocks?
block
83
What is the name for a hole in the security of an application deliberately left in place by a designer?
back door
84
What is most commonly used to provide proof of a message's origin?
a digital signature
85
What is the key length used by a one-time pad?
The key length is the same length as the message that is to be encrypted. The message length determines the key length.
86
Which audit category tracks all attempts to log on with a domain user account when enabled on domain controllers?
the Audit Account Logon Events audit category
87
Would a certification authority (CA) revoke a certificate if the certificate owner's public key were exposed?
no
88
What are four common service models of cloud computing?
Infrastructure as a service (IaaS), Monitoring as a service (MaaS), Platform as a service (PaaS), Software as a service (SaaS)
89
Who can change a resource's category in a mandatory access control environment?
administrators only
90
Which access control model is based on the data's owner implementing and administering access control?
Discretionary Access Control (DAC)
91
Which type of controls dictates how security policies are implemented to fulfill the company's security goals?
an administrative or management control
92
What is phishing?
when an e-mail request for confidential information that appears to originate from a bank or other trusted institution is received
93
What is Protected Extensible Authentication Protocol (PEAP)?
a protocol that encapsulates the EAP within an encrypted and authenticated Transport Layer Security (TLS) tunnel
94
What is incident management?
the activities of an organization to identify, analyze, and correct risks as they are identified
95
What is the purpose of anti-spam applications or filters?
to prevent unsolicited e-mail
96
What is the name for a fix that addresses a specific Windows system problem or set of problems?
hotfix
97
Where is information on cancelled certificates retained?
in the certificate revocation list (CRL)
98
What does the acronym RBAC denote?
role-based access control
99
What is a service level agreement (SLA)?
a contract between a network service provider and a customer that specifies the services the network service provider will furnish
100
Why is the location of an alternate site important?
You do not want it to be affected by the same disaster as your primary facility.