Security+ SY0-201 Study Guide

Study online at quizlet.com/_4b6kg


3DES uses An asymmetric encryption algorithm uses A cryptovariable, or key A DMZ host is basically a a DMZ host would always be A Fires A firewall is a A flooding attack can A gateway serves as a A good email security setup a message digest utilizes a remote access protocol allows A router can A sniffing attack is

three separate 56-bit keys for an effective key length of 168 bits. a different key for encryption and decryption

the value applied to encrypted or clear text in order to decrypt or encrypt the text. "catch-all" host for requests on nonconfigured ports.

A user complains that he cannot access a website because he does not have "some protocol" enabled. What is this protocol most likely to be? Access control factor Type I includes...

HTTP over SSL

passwords, numeric keys, PIN numbers, secret questions and answers physical keys or cards, smart cards, and other physical devices Biometrics like high-tech systems that use fingerprints, retinal scans, or even DNA ability of a system to limit access to only certain users. attempt to thwart any kind of detected attacks without user intervention Scalable and does not require much administration, and Easier for users to use Faster and easier to implement, and Lower overhead on system resources based on the Rijndael Block Cipher a strong algorithm with a strong key. it cannot be un-hashed Spoofing

well-secured, just like a bastion host would be.


Access control factor Type II includes... Access control factor Type III includes...

include common combustibles device that can selectively filter communications between two hosts. overwhelm the processing and memory capabilities of a network system or server. sort of middle-man between two networks, usually the Internet and a private network. includes a non-open relay server (or authenticated relay server). a one-way hash function to calculate a set-length version of a message that cannot be deciphered into clear text. remote access to a network or host and is usually employed in dial-up networking. forward packets of information based on the IP address of the header of the packet. when an attacker gets information, either off the media directly or from regular network traffic, in order to compromise the confidentiality or integrity of information. the same key for encryption and decryption.

Access control is the...

active IDS will

advantages of asymmetric algorithms

advantages of Symmetric algorithms

AES is AES uses After a password has been hashed An attacker sends a series of malformed packets to a server causing him to gain access to the server as the "root" user. Which attack is this most likely to be? application-level gateway

A symmetric encryption algorithm uses

operates in the Application layer of the OSI model and actively inspects the contents of packets that are passed through to the gateway.

Applications, in the networking sense, refer to Authentication Header (AH) can provide Authorization is achieved Availability is the idea that... B Fires Backup power sources can be Backup sources should be behavior-based IDS analyzes

specific Application-layer services that hosts provide over specific ports, or gateways into the system. authentication of the user who sent the information as well as the information itself between the reference model and the Kernel of the operating system information should be available to those authorized to use it. include burnable fuels used to ensure continuity in the case of a disaster used in critical applications, such as servers and physical access equipment baselines or normal conditions of network traffic; it then compares them to possibly malicious levels of traffic Any attack based on favorable probability. breaks up a clear text into fixed-length blocks and then proceeds to encrypt those blocks into fixed-length ciphers. controls, scripts, programs, or other software that can run from the browser and cause damage to a host. Every single possible combination of characters (aaa,aaA,aAA,AAA,aab...) Through a specifically and maliciously crafted packet, information can overflow in that stack, causing a number of problems. include electronics uses username and password combinations that authenticate users Challenge-Handshake Authentication Protocol operates on the Session layer of the OSI model. Instead of inspecting packets by header/source or port information, it instead maintains a connection between two hosts that is approved to be safe.

Combination of chemicals used to eliminate Class A, B fires common symmetric algorithms computer virus computer worms

Soda acid

DES, 3DES, AES, IDEA, RC5

malicious software that propagates itself upon the action of a user can be extremely destructive and costly malicious programs that self-propagate to cause unbelievable damage to computer networks across the world. information should only be accessible to its intended recipients. breaking the cipher or attempting to understand the cipher text. includes chemical and other fires conversion of cipher text into clear text. considered highly insecure and unreliable and has been replaced by 3DES. outdated 64-bit block cipher that uses a 56-bit key. Enter passwords from a text file (a dictionary) Water, CO2, Soda acid, and Halon

Confidentiality is the idea that... Cryptanalysis is the act of D Fires decryption is the DES is DES is an Dictionary Password Cracking different systems to suppress fire Diffie-Hellman can be Diffie-Hellman is a Diffie-Hellman is vulnerable to Discretionary Access Control is DMZ zone is known as dual-home gateway is dual-home gateway is a screening router setup that

birthday attack is block cipher

Browser Scripts/Vulnerabilities are Brute Force Password Cracking buffer overflow attack

used to exchange keys key agreement protocol man-in-the-middle attacks the system in which the owners of files actually determine who gets access to the information. the zone around the bastion host that operates publicly and whose traffic to the trusted network is screened cumbersome and rather slow in comparison to other topologies implements a bastion host between the screening (external) router and the trusted network.

C Fires CHAP is an authentication protocol that CHAP stand for circuit-level gateway

Dumpster Diver attack is

when someone would look through trash and other unsecured materials to find pertinent information to either launch an attack or carry out some other maliciously intended action. abilities, advantages, and drawbacks extension of Diffie-Hellman that includes encryption and digital signatures. crossover or interference that occurs in electrical wires due to high-energy electrons "crossing over" into another wire or signal. actual encryption services which can ensure the confidentiality of the information being sent.

Hosts are connected to each other via How do mandatory access controls protect access to restricted resources? HVAC Hybrid Password Cracking

a switch or a hub.

Sensitivity labeling

Each type of firewall has El Gamal is an Electric noise is the Encapsulating Security Protocol (ESP) can provide encryption is the End-to-End encryption EPO (Emergency power-off) switches are ESD can be

heating, ventilation, and air conditioning A variation of the Dictionary approach, but accounting for common user practices such as alternating character cases, substituting characters ("@" in place of "A", etc.) A flood of ICMP pings used by PGP to ensure email security 64-bit blocks and a 128-bit key intrusion detection system track or detect a possible malicious attack on a network active, passive, network-based, host-based, knowledge-based, and a behavior-based sole gateway and gatekeeper between the un-trusted, outside network (i.e. the Internet) and the trusted network (i.e. LAN). connections that act between the different gateways, routers, and servers. information should arrive at a destination as it was sent. unique numeric identifier of a host machine within the scope of a TCP/IP network utilized in several protocols such as TLS and SSL Authentication Header (AH), and Encapsulating Security Protocol (ESP)

change of clear text, or understandable data, into cipher text, or difficult-to-interpret data. data is encrypted when it is sent and decrypted only by the recipient. used to shut down power immediately

ICMP Ping Flood is IDEA is IDEA uses IDS IDS can IDS classifications In a screening router setup, the router acts as the in networking topologies are Integrity is the idea that... IP address is a

prevented by 40 to 60 percent humidity levels, grounding, and antistatic floor mats (and other antistatic material) electrostatic discharge, a convoluted term for static electricity build-up and release any hardware or software designed to prevent unwanted network traffic detects fires by the flicker of a flame or infrared detection MD5, and SHA-1

ESD is firewall Flame-sensing Hashing Protocols Heat-sensing High humidity can cause High temperatures can cause honeypot is designed to

detects fires by temperature corrosion in equipment due to water damage


IPSEC is IPSec is comprised of what two basic components IPSEC operates in what two basic modes

computer equipment, especially processors, to over-heat and perform poorly lure attackers or malicious users into attempting an attack on a fictional or purposefully-weak host and then recording the patterns of their activity or the source of the attack require agents to be installed on every protected host.

Transport Mode, and Tunneling Mode

host-based IDS systems

IPSEC Transport Mode

Provides host-to-host security in a LAN network but cannot be employed over any kind of gateway or NAT device. Note that in transport mode, only the packet's information, and not the headers, are encrypted. provides encapsulation of the entire packet, including the header information. The packet is encrypted and then allowed to be routed over networks, allowing for remote access. When an encryption key is confidentially shared between two hosts or entities. When an encryption key is made available to any host an open-source and widely-accepted method of authentication that works on a shared secret key system with a trusted third party Nix (Unix-like) technology that is also being implemented in Microsoft technology to allow for client-server authentication over a network based on a shared key system. Single Sign-On technology (SSO)

Mandatory Access Control is

the system in which a central administrator or administration dictates all of the access to information in a network or system. gateways, and many gateways have NAT functionality built into them. the most commonly-used hash protocol and uses a 128-bit digest. something of an unreadable, condensed version of a message VPN

Many routers also serve as MD5 is message digest is might be utilized by a telecommuting employee who dials into the office network. MOSS MOSS is a Most popular browsers and email clients support Multi-Factor Authentication means... NAT NAT is a

IPSEC Tunneling Mode

is known as a private key is known as a public key Kerberos is

MIME Object Security Services less-common, more extensive suite of security services for email. S/MIME

Kerberos is a

Systems use more than one factor (Type) to ensure a user's identity Network Address Translation service in which a gateway can allow multiple private hosts to operate under the guise of a single public IP address. operates as its own node on a network TLS which is the idea that a sender of information would not be able to refute the fact that he or she did send that information or data. limiting the number of concurrent connections to a login system can slow down a cracking attack. polices traffic on the basis of packet headers. operates through a special ACL (access control list) in which both the white and black list of IP addresses and port numbers are listed. In monitors for malicious activity and then alerts the operator to act

Kerberos is associated with Kerberos issues what are known as "tickets" through the knowledge-based IDS works by L2TP L2TP operates on a LAC Layer 2 Tunneling Protocol Layer 2 Tunneling Protocol (L2TP), is an Link encryption LNS Low humidity creates an

Ticket Granting Server(TGS)

assessing network traffic and comparing it with known malicious signatures, much like antivirus software Layer 2 Tunneling Protocol client/server model L2TP Access Concentrator utilizes a tunneling protocol, it utilizes IPSec (IP Security) to encrypt data all the way from the client to the server. alternative protocol to PPTP that offers the capability for VPN functionality

network-based IDS is one that newest version of SSL non-repudiation

One way to defend against cracking attacks is packet filtering firewall packet filtering firewall

every packet is encrypted at every point between two communicating hosts L2TP Network Server environment suited for too much static electricity (ESD)

passive IDS simply

Password Cracking attack is PEM PEM provides PGP PGP is a

an attack by which the attacker wishes to gain authentication (and authorization) to network resources by guessing the correct password. Privacy Enhanced Mail 3DES encryption for email.

Remote Access Service Remote Access Service Role-Based Access Control is RSA can be RSA is an S-HTTP is a

provides dial-up access and once was the protocol of choice for connecting to the Internet. is a rarely-used, unsecure, and outdated Microsoft offering in the area of remote access technology related to a system in which the roles of users determine their access to files. used to transmit private keys between hosts. asymmetric key transport protocol connectionless standard that provides for symmetric encryption, message digests, and client-server authentication. Secure Multipurpose Internet Mail Extensions basic cryptographic services for email sent via the Internet. essentially a dual-homed gateway in which outbound traffic (from trusted to un-trusted) can move unrestricted. employ a bastion host between two screening routers.

Pretty Good Privacy open-source and extremely popular email security suite that uses IDEA to encrypt email and validate signatures. physical threats, such as fire or natural disasters. the most common dial-up networking protocol today. is advantageous for dial-up networking services as most people today wish to be able to use the Internet commonly implemented remote access protocol that allows for secure dial-up access to a remote network. tunneling protocol that can encapsulate connection-oriented PPP packets (which are simple remote access packets) into connectionless IP packets point-to-point protocol Point-to-point tunneling protocol an implementation of PPP that utilizes tunneling by encapsulating data. widely-applied form of cryptography commonly utilized in many network transactions. widely-available and unique "public keys," as well as "private keys," to securely transmit confidential data. Remote Access Service accommodate a block size of up to 128 bits and a key up to 2048 bits. a fast, variable-length, variable-block symmetric cipher. developed by RSA Security remotely "dial in" to a network of choice; while some of these protocols have come and gone, many of them remain widely in use even today in dial-up WAN access and business VPN networks.

Physical security point-to-point protocol point-to-point protocol Point-to-point tunneling protocol is a Point-to-point tunneling protocol is a PPP PPTP PPTP Public Key Cryptography is a public key systems utilize RAS RC5 can RC5 is RC5 was remote access protocols have existed to allow users to

S/MIME S/MIME Provides screen host gateway is screened-subnet setup works to Secure Connections are Secure Sockets Layer Secure Sockets Layer is a SHA-1 is

typically employed in VPN (Virtual Private Network) applications and corporate remote networks. typically employed over HTTP, FTP, and other Application-layer protocols to provide security. HTTPS (HTTP over SSL) is particularly used by web merchants technology employed to allow for transport-layer security via public-key encryption a more secure implementation of a hashing protocol that uses a 160-bit digest and "pads" a message to create a more difficult-to-decipher hash. detects fires by variations in light intensity or presence of CO2 an attack by which the attacker manipulates people who work in a capacity of some authority so that the attacker can get those people to do something that he desires. proxy server, which is a server that serves as the "middle man" between two hosts that wish to communicate.

Smoke-sensing Social engineering attack is special kind of application-level gateway is a

Spoofing is

any attempt to hide the true address information of a node and is usually associated with IP spoofing, Secure Sockets Layer connection-oriented standard designed to allow for secure cryptographic communication between two hosts via the Internet. the ability for a user to only be authenticated once to be provided authorization to multiple services. work on information "bit-by-bit" rather than "block-by-block." CO2

three common methods of fire detection Three kinds of Password Cracking are to ensure both information authenticity and confidentiality Traditional method and effective against Class A fires true statement regarding the transport mode of IPSec? Useful against A, B, and C fires but illegal by Montreal Protocol (ozone depleting) virtual private network is defined as a Viruses

Heat-sensing, Flame-sensing, and Smoke-sensing Brute Force, Dictionary, and Hybrid signed and secure message format may be employed.

SSL SSL is a

SSO refers to

Water

only works between local hosts

stream ciphers Suppresses by removing O2 element. Useful against Class B and C fires SYN Flood is The difference between a switch and a hub is

Halon

A flood of specially crafted SYN packets a hub forwards all packets to all connected hosts whereas a switch forwards packets only to selected recipients, increasing information confidentiality. one-half of the entire cryptographic exchange. Key Distribution Center (KDC)

private network that operates over a public network. typically inflict damage by either destroying files categorically or installing new files that drastically affect the performance of the computer virtual private network port 27374

The encryption process is The logical part of the Kerberos server that governs key distribution is The most common form of authentication system is The reference model is the system that The Rijndael Block Cipher can

VPN well-known to be a port used by the Trojan horse "SubSeven." What are the three Access Control Factors What are the three Methods of Access Control What component of IPSec would allow a message to be traced back to a specific user? What does CIA stand for? What is a fundamental difference between a worm and a virus?

a username and password system. directs the Kernel what it can and cannot access. utilize different block and key lengths (including 128, 192, and 256 bit keys) to produce a fast and secure symmetric block cipher. the physical medium of communication that the network utilizes. tunneling or secure remote access protocols

Type I - What you know, Type II - What you have, and Type III - What you are Mandatory Access Control (MAC) Discretionary Access Control (DAC) Role-Based Access Control (RBAC) Authentication Header (AH)

The term "media" in networking refers to This class is related to two of the fundamental aspects of information security: confidentiality and availability.

Confidentiality, Integrity, and Availability Worms do not require user intervention

what is the correct order of the access control process? What is the primary difference between asymmetric and symmetric encryption algorithms? When you think dial-up access, think of Which of the following are not application services or servers? Which of the following authentication factors is considered the strongest? Which of the following can be used as a sort of packet filtering firewall? Which of the following conditions would have little effect on the ability for systems to continue functioning? Which of the following courses of action would not prevent a social engineering attack? a. Mandatory security training for new computer users b. Administrative approval for any major system changes c. Hiring a dedicated operator to handle undirected phone calls and emails d. Installing a firewall with NAT technology Which of the following ensures message confidentiality, but not authenticity? Which of the following fires can be put out easily with water? Which of the following is a layer-3 device that connects two dissimilar network segments? Which of the following is an advantage of symmetric-key cryptography in comparison to asymmetric-key cryptography? Which of the following is least likely to be associated with browser security? Which of the following is not a parameter of a security association in IPSec?

Identification, Authentication, Authorization The use of a public key PPP DMZ Server, ARP Server, and DHCP Server Type 3

Which of the following is not a program or tool used to ensure email security? Which of the following is not a reason to implement a firewall? Which of the following is not a way that IDS systems are commonly classified? Which of the following is not an advantage of asymmetric algorithms? Which of the following is not an asymmetric protocol? Which of the following is not considered a physical security threat? Which of the following is not true of viruses? Which of the following is the function of PGP? Which of the following is true of a packet filtering firewall? Which of the following parts of the CIA triangle are effectively ensured by cryptography? Which of the following protocols does not employ cryptography? Which of the following provides tunneling over the data-link layer? Which of the following should be included in a BCP (business continuity plan)? Which of the following symmetric ciphers is used in PGP for email security? Which of the following topologies features a demilitarized zone or DMZ? Why can't a packet sniffer intercept switched network traffic? Why is a hash more difficult to decipher than a standard encryption protocol? Why is DES considered "insecure?"

SSH

To improve network throughput Latent

Speed

3DES Buffer Overflow

NAT Device -10 degrees Celsius temperature

They destroy hardware and software components of a PC Provide message encryption services It implements an ACL Confidentiality and Integrity Only Telnet L2TP

Installing a firewall with NAT technology

Secure message format A Fires

How to shift the load of processing to backup emergency servers IDEA

Router

Screened-Subnet

Symmetric key systems are faster than their asymmetric counterparts Birthday attacks

Switched networks direct traffic by MAC address It is a one-way function Weak key length

Destination IP Address

Why would behavior-based IDS require less maintenance than knowledge-based IDS?

Behavior-based systems do not require signatures or libraries of attacks The network is being flooded

Your company requires secure remote access through a terminal to a server. Which of the following would provide such secure access? Your company wishes to implement a web server, email server, and voice-over-IP server that are accessible to the rest of the Internet. However, it wants to ensure that the structure and hosts within the rest of the network are totally protected from outside access. Which of the following setups would provide this functionality? Your manager asks you to implement a system that can filter out unwanted content, such as viruses and unproductive Internet content. The best way to accomplish this would be through a system that implements a Your manager complains that he cannot remember his password. You have also lost your copy of the password, but the MD5 hash of the password is stored in the database. How can you use the MD5 hash to recover the password? Your manager wants to make sure that when he dials in to a faraway corporate network, his connection is very secure and reliable. Which of the following is the most secure and reliable RAS? Your manager wishes to implement some kind of device that would reject traffic from online gambling sites and other distractions. Which of the following devices would be most effective in achieving this solution? Your manager asks you to employ a system in which the sender of a message would not be able to deny that he sent that message. Your manager is asking for

SSH

Screened-Subnet

You notice a dramatic increase in the traffic going through your network. After a close examination of the traffic, you realize that the majority of the new traffic is in the form of empty broadcast packets sent from a single host. What is most likely happening? You notice a rapid increase in the number of ICMP requests coming from a single host. The requests are continuous and have been occurring for minutes. What kind of attack are you likely experiencing? You notice that many users are complaining that their emails are being rejected by the servers that they send the emails to. You also notice that the reason that they are being rejected is because those servers have supposedly received bulk email from your domain. Assuming that your users are innocent of spamming others, the most likely cause of this is: You notice that there have been over a thousand login attempts in the last minute. What might you correct in order to prevent a similar attack in the future?

Proxy server

Ping flood

Your email server is configured for open relay

You cannot recover the password from the hash L2TP

Mandate and configure a lockout time period Trojan horse

Application-Level Gateway in the form of a Proxy Server Nonrepudiation

You notice unusual network traffic on a port number whose function you cannot identify. This is probably the mark of a (an): You set up a packet-filtering firewall that accepts or rejects traffic based on the IP address of the source. What kind of attack is this firewall specifically vulnerable to? You wish to implement VPN access so that an attorney can connect to the firm's network remotely. Which remote access protocol might you use? Your boss asks you to recommend a solution that meets the following requirements: 1) He wishes to access the company network remotely, and 2) The access must be as secure as possible. What would you implement?

Spoofing

PPTP

A VPN using L2TP and IPSec
