120 Cards in this Set
One example of cognitive biometrics requires the user to identify specific faces.
|
TRUE
|
|
Several large internet providers support SSO, but only for their own suite of services and applications.
|
TRUE
|
|
OpenID is completely centralized.
|
FALSE
|
|
Determining vulnerabilities often depends upon the background and experience of the assessor.
|
TRUE
|
|
Security weaknesses can always be entirely eliminated.
|
FALSE
|
|
Most network mappers utilize the TCP/IP protocol Internet Control Message Protocol (ICMP).
|
TRUE
|
|
Permissions inheritance becomes less complicated with GPOs.
|
FALSE
|
|
A baseline is a reference set of data against which operational data is compared.
|
TRUE
|
|
Plaintext is text that has no formatting (such as bolding or underlining) applied.
|
FALSE
|
|
Although hashing is considered a cryptographic algorithm, its function is not to create ciphertext that can later be decrypted by the receiving party.
|
TRUE
|
|
A CA can be external to the organization, such as a commercial CA that charges for the service, or it can be a CA internal to the organization that provides this service to the employees.
|
TRUE
|
|
Direct trust is only feasible when dealing with multiple users who each have digital certificates.
|
FALSE
|
|
Instead of letting a key expire and then creating a new key, an existing key can be renewed.
|
TRUE
|
|
Fire suppression is an important concern for the safety of employees and business continuity.
|
TRUE
|
|
It is rare for electromagnetic fields to "leak" out from wired network cables, since the insulation and shielding that covers a copper cable are intended to prevent this.
|
FALSE
|
|
Mirror image backups are not considered a primary key to uncovering evidence because they cannot create exact replicas of the crime scene.
|
FALSE
|
|
One of the key policies in an organization is a security policy.
|
TRUE
|
|
A security policy attempts to provide the right amount of trust by balancing no trust and too much trust.
|
TRUE
|
|
Security policies should be at least 10 pages long in order to be effective.
|
FALSE
|
|
The ethics of decisions and actions is defined individually, not by a group.
|
FALSE
|
|
___ is the presentation of credentials or identification, typically performed when logging on to a system.
|
Identification
|
|
___ is the verification of the credentials to ensure that they are genuine and not fabricated.
|
Authentication
|
|
___ is granting permission for admittance.
|
Authorization
|
|
___ is the right to use specific resources.
|
Access
|
|
There are several types of OTPs. The most common type is a ___ OTP.
|
time-synchronized.
|
|
A ___ fingerprint scanner has a small slit or opening. Instead of placing the entire finger on the scanner, the finger is swiped across the opening.
|
dynamic
|
|
___ is a feature of Windows that is intended to provide users with control of their digital identities while helping them to manage privacy.
|
Windows CardSpace
|
|
___ is a decentralized open source FIM that does not require specific software to be installed on the desktop.
|
OpenID
|
|
___ is an industry standard protocol specification that forwards username and password information to a centralized server.
|
LDAP
|
|
The ___, sometimes called X.500 Lite, is a simple subset of DAP.
|
LDAP.
|
|
The management protocol of IEEE 802.1x that governs the interaction between the system, authenticator, and RADIUS server is known as ___.
|
EAP
|
|
___ is a very basic authentication protocol that was used to authenticate a user to a remote access server or to an Internet Service Provider (ISP).
|
PAP.
|
|
___ refers to any combination of hardware and software that enables remote users to access a local internal network.
|
RAS
|
|
A(n) ___ uses an unsecured public network, such as the Internet, as if it were a secure private network.
|
VPN
|
|
A(n) ___ is the end of the tunnel between VPN devices.
|
endpoint
|
|
In information security, a ___ is the likelihood that a threat agent will exploit a vulnerability.
|
risk
|
|
___ generally denotes a potential negative impact to an asset.
|
risk
|
|
The goal of ___ is to better understand who the attackers are, why they attack, and what types of attacks might occur.
|
threat modeling.
|
|
The ___ is the expected monetary loss every time a risk occurs.
|
Single Loss Expectancy (SLE)
|
|
The ___ is the expected monetary loss that can be expected for an asset due to a risk over a one-year period.
|
Annualized Loss Expectancy (ALE)
|
|
In a ___, the risk is spread over all of the members of the pool.
|
risk retention pool.
|
|
Identifying vulnerabilities through a(n) ___ determines the current security weaknesses that could expose assets to threats.
|
vulnerability appraisal
|
|
Most communication in TCP/IP involves the exchange of information between a program running on a device (known as a ___) and the same or corresponding process running on another device.
|
process
|
|
___ are typically used to determine the state of a port to know what applications are running and could be exploited.
|
Port scanners
|
|
A(n) ___ port means that the application or service assigned to that port is listening.
|
open
|
|
A(n) ___ port indicates that no process is listening at that port.
|
closed.
|
|
A(n) ___ port means that the host system does not reply to any inquiries to this port number.
|
blocked.
|
|
___ are software tools that can identify all the systems connected to a network.
|
Network mappers.
|
|
The key feature of a protocol analyzer is that it places the computer's network interface card (NIC) adapter into ___, meaning that the NIC does not ignore packets intended for other systems and shows all network traffic.
|
promiscuous mode
|
|
___ is a generic term that refers to a range of products that look for vulnerabilities in networks or systems.
|
vulnerability scanner
|
|
___ programs use the file of hashed passwords and then attempt to break the hashed passwords offline.
|
Password cracker.
|
|
The ___ is typically defined as the person responsible for the information, who determines the level of security needed for the data, and delegates security duties as required.
|
owner
|
|
The Windows file and folder ___ permission allows files or folders to be opened as read-only and to be copied.
|
read
|
|
The Windows file and folder ___ permission allows the creation of files and folders, and allows data to be added to or removed from files.
|
write
|
|
___ is part of the pre-trial phase of a lawsuit in which each party, through the law of civil procedure, can request documents and other evidence from other parties or can compel the production of evidence by using a subpoena.
|
Discovery
|
|
ILM strategies are typically recorded in ___ policies.
|
storage and retention
|
|
___ assigns a level of business importance, availability, sensitivity, security and regulation requirements to data.
|
Data classification
|
|
___ means permissions given to a higher level "parent" will also be inherited by a lower-level "child".
|
Inheritance
|
|
___ is the process for generating, transmitting, storing, analyzing, and disposing of computer security log data.
|
log management
|
|
___ servers are intermediate hosts through which web sites are accessed.
|
proxy
|
|
___ logs can be used to determine whether new IP addresses are attempting to probe the network and if stronger firewall rules are necessary to block them.
|
firewall
|
|
A(n) ___ is an occurrence within a software system that is communicated to users or other programs outside the operating system.
|
event
|
|
___ are operational actions that are performed by the operating system, such as shutting down the system or starting a service.
|
system events
|
|
___ refers to a methodology for making changes and keeping track of those changes, often manually.
|
change management
|
|
___ monitoring is designed for detecting statistical anomalies.
|
anomaly-based
|
|
___ monitoring compares activities against a predefined signature.
|
signature-based
|
|
A ___ monitor is typically a low-level system program that uses a notification engine designed to monitor and track down hidden activity on a desktop system, server, or even personal digital assistants (PDAs) or cell phones.
|
system
|
|
Changing the original text to a secret message using cryptography is known as ___.
|
encryption
|
|
___ is a relatively recent cryptographic hash function that has received international recognition and adoption by standards organizations.
|
Whirlpool
|
|
A ___ substitution cipher maps a single plaintext character to multiple ciphertext characters.
|
homoalphabetic
|
|
A ___ cipher manipulates an entire block of plaintext at one time.
|
block
|
|
___ is a block cipher that processes blocks of 64 bits.
|
RC2
|
|
The ___ algorithm dates back to the early 1990s and is used in European nations.
|
IDEA
|
|
___ encryption uses two keys instead of one. These keys are mathematically related and are known as the public key and the private key.
|
Asymmetric
|
|
The asymmetric algorithm ___ was published in 1977 and patented by MIT in 1983.
|
RSA
|
|
A similar program known as ___ is a PGP open-source product.
|
GPG
|
|
To protect data stored on a hard drive, Microsoft Windows Vista includes ___ drive encryption.
|
BitLocker
|
|
___ is a hardware-enabled data encryption feature.
|
BitLocker
|
|
___ is essentially a chip on the motherboard of the computer that provides cryptographic services.
|
TPM
|
|
Some organizations set up a subordinate entity, called a ___, to handle some CA tasks such as processing certificate requests and authenticating users.
|
Registration Authority (RA)
|
|
___ digital certificates are issued by a CA or RA directly to individuals.
|
Personal
|
|
When Bob sends one digital certificate to Alice along with his message, that is known as a ___ certificate.
|
single-sided
|
|
In one type of trust model, ___ trust, a relationship exists between two individuals because one person knows the other person.
|
direct
|
|
A(n) ___ trust refers to a situation in which two individuals trust each other because each trusts a third party.
|
third party.
|
|
The ___ trust model assigns a single hierarchy with one master CA called the root.
|
hierarchical
|
|
The ___ trust model has multiple CAs that sign digital certificates.
|
distributed
|
|
The ___ trust model is the basis for digital certificates issued by Internet users.
|
distributed
|
|
With the ___ trust model, there is one CA that acts as a "facilitator" to interconnect all other CAs.
|
bridge
|
|
The ___ provides recommended baseline security requirements for the use and operation of CA, RA, and other PKI components.
|
certificate policy
|
|
___ is used to connect to an FTP server, much in the same way that HTTP links to a web server.
|
FTP
|
|
___ is a protocol that guarantees privacy and data integrity between applications communicating over the Internet.
|
TLS
|
|
The TLS ___ Protocol is used to encapsulate higher-level protocols.
|
Record
|
|
___ is actually a suite of three utilities--slogin, scp, and ssh--that are secure versions of the unsecure UNIX counterpart utilities rlogin, rcp, and rsh.
|
SSH
|
|
___ is the most widely deployed tunneling protocol.
|
PPTP
|
|
One variation of PPP that is used by broadband Internet providers with DSL or cable modem connections is ___.
|
PPPoE
|
|
___ systems disperse a fine, dry powder over the fire.
|
dry chemical
|
|
___ fire suppression systems do not harm people, documents, or electrical equipment in the room.
|
clean agent
|
|
In a ___ server cluster, every server in the cluster performs useful work. If one server fails, the remaining servers continue to perform their normal work as well as that of the failed server.
|
symmetric
|
|
A system of hard drives based on redundancy can be achieved through using a technology known as ___, which uses multiple hard disk drives for increased reliability and performance.
|
RAID
|
|
Disk ___ involves connecting multiple drives in the server to the same disk controller card.
|
mirroring.
|
|
RAID Level 5 distributes ___ data (a type of error checking) across all drives instead of using a separate drive to hold the parity error checking information.
|
parity
|
|
A(n) ___ UPS is always running off its battery while the main power runs the battery charger.
|
on-line
|
|
A ___ site is generally run by a commercial disaster recovery service that allows a business to continue computer and network operations to maintain business continuity.
|
hot
|
|
A ___ site has all of the equipment installed but does not have active Internet or telecommunications facilities, and does not have current backups of data.
|
warm
|
|
An alternative to using magnetic tape is to back up to magnetic disk, such as a large hard drive or RAID configuration. This is known as ___.
|
D2D
|
|
At its core, a(n) ___ policy is a document that outlines the protections that should be enacted to ensure that the organization's assets face minimal risks.
|
security.
|
|
A ___ is a document that outlines specific requirements or rules that must be met.
|
policy
|
|
___ determines the items that have a positive economic value and may include data, hardware, personnel, physical assets, and software.
|
Asset identification
|
|
___ takes a snapshot of the security of the organization as it now stands.
|
Vulnerability appraisal.
|