Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
44 Cards in this Set
- Front
- Back
Which certification requires 1 year of computer security related work experience?
|
SSCP
|
|
The basic idea of _____ is to make every computer on the network believe that you are the Router.
|
Arp poisoning
|
|
_____ mode establishes a wireless network link between individual systems.
|
Ad hoc
|
|
______ allowed users on a public Wifi network to effectively hijack another user’s Facebook session (given that the other user was on the same wifi network and not connected via VPN).
|
Firesheep
|
|
Which of the following is a SIEM?
|
Logrythm
|
|
Which of the following is a Honeypot?
|
Webscure
|
|
The key to protecting assets from the risk of attack is to eliminate or address as many ______ as possible.
|
Vulnerabilities
|
|
Qualitative
|
does not attempt to assign numeric value, but is scenario oriented
|
|
What website is the business gangsta bucks in?
|
Buying infected computers
|
|
Policy does NOT include:
|
List of technologies to use
|
|
Who did I say was the most notorious black hat hacker?
|
Kevin mitnick
|
|
Which of the following is a weakness that allows a threat to be realized or to have an effect on an asset?
|
Vulnerability
|
|
Three mechanisms used to protect the WLAN:
|
Network name
Authentication Encryption |
|
Which group offers the CISSP certification?
|
ISC2
|
|
In the lecture I mentioned that you could use [a] to perform ARP poisoning and then carry out a [b]
|
a) cain and able
b) man in the middle attack |
|
A network mapper (nMap) uses __________ packets to identify the operational systems
|
ICMP
|
|
Which technology allows users to sign on to a computer or network once, and have their identification and authorization credentials allow them into all computers and systems where they are authorized?
|
Single sign-on (SSO)
|
|
Wifi standards are defined by the following group:
|
ieee
|
|
Which of the following is an action that could damage an asset?
|
Threat
|
|
What does a POS smash-and-grab attack involve?
|
Brute force and malware combination
|
|
Quantitative
|
attempts to assign independently objective numeric value to all elements of the risk analysis
|
|
WPA2 uses CCMP which is new encryption mode based on:
|
Aes
|
|
What type of error is false reject rate?
|
Type I error
|
|
UC is an abbreviation for:
|
Unified communications
|
|
What is the act of an unauthorized person intercepting and reading packets that flow across a network?
|
Eavesdropping
|
|
Which networking technology was the first mainstream method for connecting to the Internet?
|
Analog dial-up
|
|
Which of the following is the likelihood that something bad will happen to an asset?
|
Risk
|
|
What attack was used to compromise Heartland's systems?
|
Sql injection
|
|
Wireless encryption standard that is easily cracked?
|
WEP
|
|
It is permitted to store the information from a credit card's magnetic stripe only if it is encrypted.
|
False
|
|
How many TCP ports are there?
|
65,535
|
|
PCI requirement 4.1 specifically prohibits the ______ wireless encryption protocol.
|
WEP
|
|
Which group offers Computer Security training (inlcuding a Masters program)?
|
SANS
|
|
According to Jimmy Ray's Top Ten Reasons Audits Fail, the number one reason is:
|
Failure to protect stored data
|
|
Which certification requires 5 years of Computer Security related work experience?
|
CISSP
|
|
Which of the following is a detailed written definition of how software and hardware are to be used?
|
Standard
|
|
Who created the virus brain.a?
|
Basat and amjad
|
|
What is the main reason that finance led the incident count this year?
|
Mainly due to a large number of ATM skimming incidents
|
|
When monitoring a system for anomalies, the system is measured against __________.
|
Baseline
|
|
What is the name of one of the computer security podcasts/videos that I showed in the lecture?
|
Pauldotcom
|
|
One major problem with WEP is:
|
A new IV is used for each frame, but since it is only 24 bits long it will repeat periodically
|
|
Goal of Stuxnet was to find:
|
a computer used to program a programmable logic computer
|
|
When an operational system is found a [a] request can be sent to a port. If the port is open and there is a network listener, the network mapper will receive an [b] packet
|
a.)syn
b.)ack |
|
What type of error is accept reject rate?
|
Type II error
|