45 questions
The vulnerability discovered in IPsec in early 2014 was nicknamed Heartbleed, due to an issue with a heartbeat extension in the protocol.
True
False
Behavior-based monitoring attempts to overcome the limitations of both anomaly-based monitoring and signature-based monitoring by being more adaptive and proactive instead of reactive.
False
True
The OSI model breaks networking steps down into a series of six layers.
True
False
A Hardware Security Module (HSM) is essentially a chip on the motherboard of the computer that provides cryptographic services.
True
False
A hash algorithm is designed to create a hash that represents the contents of a set of data that can later be decrypted.
True
False
Self-encrypting HDD is commonly found in copiers and multifunction printers as well as point-of-sale systems used in government, financial, and medical environments.
True
False
Digital signatures actually only show that the public key labeled as belonging to the person was used to encrypt the digital signature.
True
False
Defense in depth, or layered security, involves the use of multiple types of network hardware within a network.
True
False
Public keys can be stored by embedding them within digital certificates, while private keys can be stored on the user’s local system.
True
False
A block cipher works on a single character at a time, and is faster than a stream cipher.
True
False
The Encapsulating Security Payload (ESP) protocol ensures IPsec's confidentiality.
True
False
Workgroup switches must work faster than core switches.
True
False
Digital certificates cannot be used to identify objects other than users.
True
False
Security is enhanced by subnetting a single network into multiple smaller subnets in order to isolate groups of hosts.
True
False
Steganography hides the existence of data within images by dividing and hiding portions of a file within the image.
True
False
SSL and TLS keys of what length are generally considered to be strong?
128
1024
2048
4096
What is the name for a computer or application program that intercepts user requests from the internal secure network and then processes that request on behalf of the user?
proxy server
DNS server
VPN server
telnet server
An administrator has two servers that host the same web content, but only one server is utilized at a given time. What can be configured to make use of both servers in a manner that is transparent to the end users?
Stateful packet filtering
Load balancing
DNS caching
DNS poisoning
A firewall that keeps a record of the state of a connection between an internal computer and an external device is using what technology below?
Stateful frame filtering
Stateless frame filtering
Stateful packet filtering
Stateless packet filtering
In cryptography, which of the five basic protections ensures that the information is correct and no unauthorized person or malicious software has altered that data?
Confidentiality
Availability
Encryption
Integrity
The IPv4 protocol uses IP addresses which are how many bytes in length?
4
8
16
32
A sensitive connection between a client and a web server uses what class of certificate?
Class 1
Class 2
Class 3
Class 4
A web server must be accessible to untrusted outside users. What can be done to isolate this host and any additional hosts with similar requirements from more secured hosts on a network?
Install a bastion,
configure host
Set up a choke in front of the web server
Create a DMZ, add necessary hosts.
Configure a reduction point on a firewall
An early networking device that functioned at layer 1 of the OSI model and added devices to a single segment is known as which of the following choices?
switch
router
firewall
hub
Which type of cryptographic algorithm takes an input string of any length, and returns a string of any requested variable length?
Substitution
block
loop
sponge
A document that describes in detail how a CA uses and manages certificates, as well as how end users register for a digital certificate, is known as?
Certificate practice statement (CPS)
Certificate policy (CP)
Lifecycle policy (LP)
Access policy (AP)
The management in your corporate office want to group users on the network together logically even though they are attached to separate network switches. How can this be done?
Create a subnet for each network switch involved.
Create additional broadcast domains for the users.
Add all users to a single DMZ segment
Create a VLAN and add the users' computers / ports to the VLAN.
The process by which keys are managed by a third party, such as a trusted CA, is known as?
Key escrow
Key destruction
Key renewal
Key management
What is the name of the open source asymmetric cryptography system that runs on Windows, UNIX, and Linux systems, and is compatible with PGP?
GPG
OGP
CGP
GPP
What technology enables authorized users to use an unsecured public network, such as the Internet, as if it were a secure private network?
IKE tunnel
VPN
endpoint
router
Select below the term that is used to describe a trusted third-party agency that is responsible for issuing digital certificates:
Registration Authority
Delegation Authority
Certification Authority
Participation Authority
The simplest type of stream cipher, one in which one letter or character is exchanged for another, is known as what?
shift
substitution
lock
loop
What is the name for an organization that receives, authenticates, and processes certificate revocation requests?
Registration Authority
Certificate Authority
Repudiation Authority
Intermediate Authority
The asymmetric cryptography algorithm most commonly used is:
AES
RSA
Twofish
Blowfish
The SHA-1 hashing algorithm creates a digest that is how many bits in length?
96 bits
128 bits
160 bits
192 bits
What cryptographic method, first proposed in the mid-1980s, makes use of sloping curves instead of large prime numbers?
FCC
RSA
ECC
IKE
The NTRUEncrypt cryptographic algorithm makes use of which of the following cryptographic techniques?
matrix-based
lattice-based
linear
quantum
On what principle did Julius Caesar's cryptographic messages function?
Each alphabetic letter was replaced by a corresponding number
Each alphabetic letter was represented by a seemingly random symbol
Each alphabetic letter was shifted three places down in the alphabet
Each alphabetic letter was shifted 5 places up in the alphabet
_________________ is a technique that allows a private IP addresses to be used on the Internet with a single public IP address.
Network Address Translation (NAT)
BAT
HAT
SAT
Internet ____________________ filters monitor Internet traffic and block access to preselected Web sites and files
network
content
keyword
netflix
A ______________ is a worker who work occasionally or regularly from a home office.
telephone
telepath
telecommuter
teleevangelist
Key ____________________ dates prevent an attacker who may have stolen a private key from being able to decrypt messages for an indefinite period of time.
Holiday
network
programming
expiration
A framework for managing all of the entities involved in creating, storing, distributing, and revoking digital certificates
Public key Infrastructure (PKI)
Distributed trust model
Certificate Repository
Bridge trust model
A trusted third-party agency that is responsible for issuing digital certificates
Session keys
key escrow
Digital certificate
Certificate Authority (CA)
A trust model with one CA that acts as a facilitator to interconnect all other CAs
Bridge trust model
Certificate Repository
key escrow
Session keys