SEC-110 L01 - Final Exam Review

A vulnerable process that is divided between two or more individuals to prevent fraudulent application of the process is known as:
Role reversal
Mandatory vacation
Job rotation
Separation of duties
In a UAC prompt, what color is used to indicate the lowest level of risk?
Green
Red
Gray
Yellow
Bluetooth is an example of what type of technology below?
Personal Area Network
Small Area Network
Private Area Network
Limited Area Network
A port in what state below implies that an application or service assigned to that port is listening for any instructions?
Interruptible system
Open port
Closed port
Empty port
An administrator running a port scan wants to ensure that no processes are listening on port 23. What state should the port be in?
Open address
Closed port
Open port
Closed address
A list of the available nonkeyboard characters can be seen in Windows by opening what utility?
Charlist.exe
Charmap.exe
Listchar.exe
Chardump.exe
Passwords that are transmitted can be captured by what type of software?
Protocol analyzer
System analyzer
Application analyzer
Function analyzer
Broadcast storms can be prevented by using loop prevention technology. Which item below can be used to help prevent loops?
802.11x
Virtual trunking protocol
Dijkstra's algorithm
802.1d
How can a network of physical devices be grouped into logical units, regardless of what network switches they may be connected to?
VLAN
Subnets
IP address
MAC address
What is the most common type of P2P network?
Kazaa
Bittorrent
Sneakernet
EDonkey
DNS poisoning can be prevented using the latest edition of what software below?
Finger
WINS
DHCP
BIND
An administrator needs to examine FTP commands being passed to a server. What port should the administrator be monitoring?
19
20
21
22
In what type of cloud computing does the customer have the highest level of control?
Cloud System as a Service
Cloud Software as a Service
Cloud Application as a Service
Cloud Infrastructure as a Service
Entries within a Directory Information Base are arranged in a tree structure called the:
DAP
DIT
PEAP
EAP
Generally considered to be the most important information security policies, what item below defines the actions a user may perform while accessing systems and networking equipment?
Encryption policies
Data loss policies
Acceptable use policies
VPN policies
A written document that states how an organization plans to protect the company's information technology assets is a:
Guideline
Security procedure
Security policy
Standard
During RADIUS authentication, what type of packet includes information such as identification of a specific AP that is sending the packet and the username and password?
Access request
Authentication request
Accounting request
Verification request
A collection of suggestions that should be implemented are referred to as a:
Guideline
Baseline
Security procedure
Security policy
Port-based authentication, in which users are authenticated on a per-switch port basis, is a function of what standard below?
IEEE 802.1z
IEEE 802.11n
IEEE 802.3ad
IEEE 802.1x
A list that specifies which subjects are allowed to access an object and what operations they can perform on it is referred to as a(n):
Entity
ACL
DAC
ACE
What type of one-time password (OTP) changes after a set time period?
Interval-based one-time password (IOTP)
Time-based one-time password (TOTP)
Period-based one-time password (POTP)
HMAC-Based one-time password (HOTP)
What device acts like a wireless base station in a network, acting as a bridge between wireless and wired networks?
Ad-hoc peer
WMM
Endpoint
Access Point
What type of access point is configured by an attacker in such a manner that it mimics an authorized access point?
Evil twin
Active twin
Internal replica
Authorized twin
A Bluetooth attack in which the attacker accesses unauthorized information from a wireless device using a Bluetooth connection, is known as?
Bluesnarfing
Bluejacking
Bluecracking
Bluetalking
A U.S. Department of Defense (DoD) smart card that is used for identification of active-duty and reserve military personnel along with civilian employees and special contractors is called:
Credential Validation Card (CVC)
Identity Validation Card (IVC)
Personal Credential Card (PCC)
Common Access Card (CAC)
What is an SLA?
Written agreement between a service provider and their customers that documents agreed levels of service for a service.
 
During a vulnerability assessment, what type of software can be used to search a system for port vulnerabilities?
Threat scanner
Vulnerability profiler
Port scanner
Application profiler
How can an administrator force wireless clients to use a standard web browser to provide information, and require a user to agree to a use policy or present valid login credentials?
Captive portal access point
AUP Enforcement access point
Gateway access point
Wireless device probe
How can an administrator manage applications on mobile devices using a technique called "app wrapping?"
Cloud Application Management
Extended Application Management
Mobile Application Management
Remote Application Management
Mobile Device Management systems that allow users to store usernames and passwords within a device are said to be using:
Credential management
Password containers
Identity control
App wrapping
What PIN is considered to be the most commonly used PIN?
7777
0000
1234
4321
A location that has all the equipment installed but does not have active Internet or telecommunications facilities, and does not have current backups of data, is an example of a:
Spare site
Cold site
Warm site
Hot site
How can an administrator keep devices powered when power is interrupted?
Uninterruptible power supply
Uninterruptible system supply
Redundant power supply
Replica power supply
Which EAP protocol creates an encrypted channel between the client authentication server and the client, and uses Microsoft Windows logins and passwords?
TKIP
PEAP
LEAP
ICMP
According to the Federal Bureau of Investigation (FBI), what percentage of crime committed today leaves behind digital evidence that can be retrieved via computer forensics?
65
75
85
95
An early networking device that functioned at layer 1 of the OSI model and added devices to a single segment is known as which of the following choices?
Hub
Switch
Firewall
Router
An administrator has two servers that host the same web content, but only one server is utilized at a given time. What can be configured to make use of both servers in a manner that is transparent to the end users?
Stateful packet filtering
DNS caching
DNS poisoning
Load balancing
Due to the potential impact of changes that can affect all users in an organization, and considering that security vulnerabilities can arise from uncoordinated changes, what should an organization create to oversee changes?
Change management team
Security control team
Incident response team
Compliance team
A snapshot of the current state of a computer that contains all current settings and data is known as what option below:
System view
System image
System baseline
System standard
Multiple sectors on a disk, when combined, are referred to as a:
Track
Slice
Platter
Cluster
A laptop may have multiple hardware ports. Which of the following is not a typical port included on a laptop?
ESATA
Universal Serial Bus (USB)
RJ-45
RS232
At what level of the OSI model does the IP protocol function?
Data Link Layer
Network Layer
Transport Layer
Presentation Layer
A server that routes incoming requests to a specific destination server, and acts as the final destination IP for all client access, is known as a:
System proxy
Forward proxy
Application proxy
Reverse proxy
A web server must be accessible to untrusted outside users. What can be done to isolate this host and any additional hosts with similar requirements from more secured hosts on a network?
Create a DMZ, add necessary hosts.
Install a bastion, configure host
Set up a choke in front of the web server
Configure a reduction point on a firewall
A user or a process functioning on behalf of the user that attempts to access an object is known as the:
Label
Entity
Subject
Reference monitor
What device operates at the Network Layer (layer 3) of the OSI model and forwards packets across computer networks?
Router
Switch
Hub
Bridge
When a private network uses a single public IP address, and each outgoing TCP packet uses a different port to allow for proper translation, what networking technology is in use?
PAT
NAPT
NAT
PNAT
Which network address below is not a private IP address network?
172.63.255.0
192.168.255.0
172.17.16.0
10.4.5.0
What are values that are attributed to a system of beliefs that help the individual distinguish right from wrong called?
Morays
Ethics
Morals
Standards
Which tester has an in-depth knowledge of the network and systems being tested, including network diagrams, IP addresses, and even the source code of custom applications?
Black box
System
White box
Replay
A metallic enclosure that prevents the entry or escape of an electromagnetic field is known as a:
Faraday cage
Newton cage
Mantrap
Bollard