55 Cards in this Set

  • Front
  • Back
Which of the following can BEST be used to determine the topology of a network and discover unknown devices?
a. Vulnerability scanner
b. NIPS
c. Protocol analyzer
d. Network mapper
d. Network mapper
When should a technician perform penetration testing?
a. When the technician suspects that weak passwords exist on the network
b. When the technician is trying to guess passwords on a network
c. When the technician has permission from the owner of the network
d. When the technician is war driving and trying to gain access
c. When the technician has permission from the owner of the network
During a risk assessment it is discovered that only one system administrator is assigned several tasks critical to continuity of operations. It is recommended to cross train other system administrators to perform these tasks and mitigate which of the following risks?
a. DDoS
b. Privilege escalation
c. Disclosure of PII
d. Single point of failure
d. Single point of failure
Which of the following would an attacker use to footprint a system?
a. RADIUS
b. Password cracker
c. Port scanner
d. Man-in-the-middle attack
c. Port scanner
Which of the following tools will allow the technician to find all open ports on the network?
a. Performance monitor
b. Protocol analyzer
c. Router ACL
d. Network scanner
d. Network scanner
Password crackers are generally used by malicious attackers to:
a. verify system access.
b. facilitate penetration testing.
c. gain system access.
d. sniff network passwords.
c. gain system access.
Why would a technician use a password cracker?
a. To look for weak passwords on the network
b. To change a user's passwords when they leave the company
c. To enforce password complexity requirements
d. To change users' passwords if they have forgotten them
a. To look for weak passwords on the network
After a system risk assessment was performed it was found that the cost to mitigate the risk was higher than the expected loss if the risk was actualized. In this instance, which of the following is the BEST course of action?
a. Accept the risk
b. Mitigate the risk
c. Reject the risk
d. Run a new risk assessment
a. Accept the risk
Social engineering, password cracking and vulnerability exploitation are examples of which of the following?
a. Vulnerability assessment
b. Fingerprinting
c. Penetration testing
d. Fuzzing
c. Penetration testing
Which of the following would BEST allow an administrator to quickly find a rogue server on the network?
a. Review security access logs
b. A network mapper
c. A protocol analyzer
d. Review DNS logs
b. A network mapper
Which of the following is the MOST intrusive on a network?
a. Penetration testing
b. Protocol analyzers
c. Port scanners
d. Vulnerability testing
a. Penetration testing
Which of the following BEST describes risk analysis?
a. Monitoring and acceptance
b. Evaluation and assessment
c. Assessment and eradication
d. Mitigation and repudiation
b. Evaluation and assessment
A security manager believes that too many services are running on a mission critical database server. Which of the following tools might a security analyst use to determine services that are running on the server, without logging into the machine?
a. OVAL
b. Port scanner
c. Protocol analyzer
d. NIDS
b. Port scanner
When are port scanners generally used on systems?
a. At the middle of a vulnerability assessment
b. At the beginning of a vulnerability assessment
c. When there is a need to document vulnerabilities
d. At the end of a penetration test assessment
b. At the beginning of a vulnerability assessment
Penetration testing should only be used once which of the following items is in place?
a. Acceptable use policy
b. Data retention and disclosure policy
c. Service level agreement
d. Written permission
d. Written permission
Which of the following is the MOST intrusive on a network?
a. Penetration testing
b. Protocol analyzers
c. Port scanners
d. Vulnerability testing
a. Penetration testing
Which of the following BEST describes risk analysis?
a. Monitoring and acceptance
b. Evaluation and assessment
c. Assessment and eradication
d. Mitigation and repudiation
b. Evaluation and assessment
A security manager believes that too many services are running on a mission critical database server. Which of the following tools might a security analyst use to determine services that are running on the server, without logging into the machine?
a. OVAL
b. Port scanner
c. Protocol analyzer
d. NIDS
b. Port scanner
When are port scanners generally used on systems?
a. At the middle of a vulnerability assessment
b. At the beginning of a vulnerability assessment
c. When there is a need to document vulnerabilities
d. At the end of a penetration test assessment
b. At the beginning of a vulnerability assessment
Penetration testing should only be used once which of the following items is in place?
a. Acceptable use policy
b. Data retention and disclosure policy
c. Service level agreement
d. Written permission
d. Written permission
All of the following should be identified within the penetration testing scope of work EXCEPT:
a. a complete list of all network vulnerabilities.
b. IP addresses of machines from which penetration testing will be executed.
c. a list of acceptable testing techniques and tools to be utilized.
d. handling of information collected by the penetration testing team.
a. a complete list of all network vulnerabilities.
Which of the following would allow a technician to compile a visual view of an infrastructure?
a. Security log
b. Network mapper
c. Port scanner
d. Protocol analyzer
b. Network mapper
As a best practice, risk assessments should be based upon which of the following?
a. A qualitative measurement of risk and impact
b. A survey of annual loss, potential threats and asset value
c. A quantitative measurement of risk, impact and asset value
d. An absolute measurement of threats
c. A quantitative measurement of risk, impact and asset value
All of the following are methods used to conduct risk assessments EXCEPT:
a. penetration tests.
b. security audits.
c. vulnerability scans.
d. disaster exercises.
d. disaster exercises.
All of the following are methods used to conduct risk assessments EXCEPT:
a. penetration tests.
b. security audits.
c. vulnerability scans.
d. disaster exercises.
d. disaster exercises.
Which of the following is the MOST important step to conduct during a risk assessment of computing systems?
a. The identification of USB drives
b. The identification of missing patches
c. The identification of mantraps
d. The identification of disgruntled staff members
b. The identification of missing patches
Who is ultimately responsible for the amount of residual risk?
a. The senior management
b. The security technician
c. The organization's security officer
d. The DRP coordinator
a. The senior management
Documentation review, log review, rule-set review, system configuration review, network sniffing, and file integrity checking are examples of:
a. active security testing techniques.
b. invasive security testing techniques.
c. black box testing techniques.
d. passive security testing techniques.
d. passive security testing techniques.
To determine whether a system is properly documented and to gain insight into the system's security aspects that are only available through documentation is the purpose of:
a. hybrid security testing techniques.
b. active security testing techniques.
c. passive security testing techniques.
d. invasive security testing techniques.
c. passive security testing techniques.
Which of the following BEST describes external security testing?
a. Conducted from outside the perimeter switch but inside the firewall
b. Conducted from outside the building that hosts the organization's servers
c. Conducted from outside the organization's security perimeter
d. Conducted from outside the perimeter switch but inside the border router
c. Conducted from outside the organization's security perimeter
Port scanners can identify all of the following EXCEPT:
a. applications.
b. operating systems.
c. vulnerabilities.
d. active hosts.
c. vulnerabilities.
All of the following are limitations of a vulnerability scanner EXCEPT:
a. it only uncovers vulnerabilities for active systems.
b. it generates a high false-positive error rate.
c. it relies on a repository of signatures.
d. it generates less network traffic than port scanning.
d. it generates less network traffic than port scanning.
A software manufacturer discovered a design flaw in a new application. Rather than recall the software, management decided to continue manufacturing the product with the flaw. Which of the following risk management strategies was adopted by management?
a. Risk mitigation
b. Risk avoidance
c. Risk acceptance
d. Risk transfer
c. Risk acceptance
Which of the following describes penetration testing?
a. Simulating an actual attack on a network
b. Hacking into a network for malicious reasons
c. Detecting active intrusions
d. Establishing a security baseline
a. Simulating an actual attack on a network
Which of the following is MOST likely to crash a workstation?
a. Vulnerability assessment
b. Protocol analyzer
c. Penetration test
d. Network mapper
c. Penetration test
Snort, TCPDump and Wireshark are commonly used for which of the following?
a. Port scanning
b. Host monitoring
c. DDoS attacks
d. Network sniffing
d. Network sniffing
Which of the following activities is MOST closely associated with DLL injection?
a. Penetration testing
b. Network mapping
c. Vulnerability assessment
d. SQL servers
a. Penetration testing
After performing a vulnerability analysis and applying a security patch, which of the following non-intrusive actions should an administrator take to verify that the vulnerability was truly removed?
a. Apply a security patch from the vendor.
b. Perform a penetration test.
c. Repeat the vulnerability scan.
d. Update the antivirus definition file.
c. Repeat the vulnerability scan.
After reading about the vulnerability issues with open SMTP relays, a technician runs an application to see if port 25 is open. This would be considered a:
a. network mapper.
b. protocol analyzer.
c. vulnerability scan.
d. port scan.
d. port scan.
An outside auditor has been contracted to determine if weak passwords are being used on the network. To do this, the auditor is running a password cracker against the master password file. Which of the following is this an example of?
a. Vulnerability assessment
b. Fingerprinting
c. Malware scan
d. Baselining
a. Vulnerability assessment
A technician is conducting a password audit using a password cracking tool. Which of the following describes a BEST business practice when conducting a password audit?
a. Use password masking.
b. Use hybrid mode.
c. Reveal the password.
d. Single out the accounts to crack.
a. Use password masking.
Which of the following is a vulnerability assessment tool?
a. John the Ripper
b. Cain & Abel
c. AirSnort
d. Nessus
d. Nessus
Which of the following is a vulnerability scanner?
a. John the Ripper
b. Cain & Abel
c. Microsoft Baseline Security Analyzer
d. AirSnort
c. Microsoft Baseline Security Analyzer
Which of the following is a password cracking tool?
a. Nessus
b. AirSnort
c. John the Ripper
d. Wireshark
c. John the Ripper
Which of the following is a protocol analyzer?
a. John the Ripper
b. Wireshark
c. Cain & Abel
d. Nessus
b. Wireshark
Which of the following would BEST allow an administrator to quickly find a rogue server on the network?
a. Review security access logs
b. A network mapper
c. A protocol analyzer
d. Review DNS logs
b. A network mapper
Which of the following requires an update to the baseline after installing new software on a machine?
a. Signature-based NIPS
b. Signature-based NIDS
c. Honeypot
d. Behavior-based HIDS
d. Behavior-based HIDS
Which of the following has the ability to find a rootkit?
a. Adware scanner
b. Malware scanner
c. Email scanner
d. Anti-spam scanner
b. Malware scanner
Which of the following allows a technician to scan for missing patches on a device without actually attempting to exploit the security problem?
a. A vulnerability scanner
b. Security baselines
c. A port scanner
d. Group policy
a. A vulnerability scanner
Which of the following intrusion detection systems uses statistical analysis to detect intrusions?
a. Signature
b. Honeynet
c. Anomaly
d. Knowledge
c. Anomaly
When an IDS is configured to match a specific traffic pattern, then which of the following is this referring to?
a. Signature-based
b. Anomaly-based
c. Heuristic-based
d. Behavior-based
a. Signature-based
Which of the following IDS generally follows a learning process?
a. Anomaly-based IDS
b. Signature-based IDS
c. Event-based IDS
d. Rule-based IDS
a. Anomaly-based IDS
Which of the following is the MOST basic form of IDS?
a. Signature
b. Behavioral
c. Statistical
d. Anomaly
a. Signature
A small call center business decided to install an email system to facilitate communications in the office. As part of the upgrade the vendor offered to supply anti-malware software for a cost of $5,000 per year. The IT manager read there was a 90% chance each year that workstations would be compromised if not adequately protected. If workstations are compromised it will take three hours to restore services for the 30 staff. Staff members in the call center are paid $90 per hour. If the anti-malware software is purchased, which of the following is the expected net savings?
a. $900
b. $2,290
c. $2,700
d. $5,000
b. $2,290
A small call center business decided to install an email system to facilitate communications in the office. As part of the upgrade the vendor offered to supply anti-malware software for a cost of $5,000 per year. The IT manager read there was a 90% chance each year that workstations would be compromised if not adequately protected. If workstations are compromised it will take three hours to restore services for the 30 staff. Staff members in the call center are paid $90 per hour. If determining the risk, which of the following is the annual loss expectancy (ALE)?
a. $2,700
b. $4,500
c. $5,000
d. $7,290
d. $7,290