Podcast
Questions and Answers
What is the principle of least privilege?
What is the principle of least privilege?
A security rule that prevents users from accessing information and resources that lie beyond the scope of their responsibilities.
Which of the following acronyms refers to a risk assessment formula defining probable financial loss due to a risk over a one-year period?
Which of the following acronyms refers to a risk assessment formula defining probable financial loss due to a risk over a one-year period?
The Exposure Factor (EF) in the formula for Single Loss Expectancy (SLE) refers to the impact of the risk over the asset, or percentage of asset lost when a specific threat is realized. What is the EF value for an asset that is entirely lost?
The Exposure Factor (EF) in the formula for Single Loss Expectancy (SLE) refers to the impact of the risk over the asset, or percentage of asset lost when a specific threat is realized. What is the EF value for an asset that is entirely lost?
1.0
What is a firewall?
What is a firewall?
Signup and view all the answers
What is a router?
What is a router?
Signup and view all the answers
What is an exception in the context of firewalls?
What is an exception in the context of firewalls?
Signup and view all the answers
What is a load balancer?
What is a load balancer?
Signup and view all the answers
The last default rule on a firewall is to deny all traffic.
The last default rule on a firewall is to deny all traffic.
Signup and view all the answers
What is a proxy?
What is a proxy?
Signup and view all the answers
What does HIDS stand for?
What does HIDS stand for?
Signup and view all the answers
One of the measures for securing networking devices includes the practice of disabling unused ports.
One of the measures for securing networking devices includes the practice of disabling unused ports.
Signup and view all the answers
Which of the following ensures the privacy of a VPN connection? (Select all that apply)
Which of the following ensures the privacy of a VPN connection? (Select all that apply)
Signup and view all the answers
Which of the following refers to a dedicated device for managing secure connections over an untrusted network? (Select all that apply)
Which of the following refers to a dedicated device for managing secure connections over an untrusted network? (Select all that apply)
Signup and view all the answers
Which of the following acronyms refers to a network or host based monitoring system designed to alert administrators of unauthorized activity? (Select all that apply)
Which of the following acronyms refers to a network or host based monitoring system designed to alert administrators of unauthorized activity? (Select all that apply)
Signup and view all the answers
Which of the following terms refers to a software tool used for monitoring network traffic? (Select all that apply)
Which of the following terms refers to a software tool used for monitoring network traffic? (Select all that apply)
Signup and view all the answers
Which of the following lists the protocol and port number used by a spam filter? (Select 2 answers)
Which of the following lists the protocol and port number used by a spam filter? (Select 2 answers)
Signup and view all the answers
Which acronym refers to a network security solution that combines a firewall with additional functionalities? (Select all that apply)
Which acronym refers to a network security solution that combines a firewall with additional functionalities? (Select all that apply)
Signup and view all the answers
URL filtering restricts access based on which criteria? (Select all that apply)
URL filtering restricts access based on which criteria? (Select all that apply)
Signup and view all the answers
Which of the following network security solutions inspects traffic in real time? (Select all that apply)
Which of the following network security solutions inspects traffic in real time? (Select all that apply)
Signup and view all the answers
Which of the following refers to a firewall controlling access to a web server? (Select all that apply)
Which of the following refers to a firewall controlling access to a web server? (Select all that apply)
Signup and view all the answers
Which of the answers list a set of rules specifying which users can access objects? (Select all that apply)
Which of the answers list a set of rules specifying which users can access objects? (Select all that apply)
Signup and view all the answers
Which actions can be taken by passive IDS? (Select 2 answers)
Which actions can be taken by passive IDS? (Select 2 answers)
Signup and view all the answers
What does 802.1x define?
What does 802.1x define?
Signup and view all the answers
What is Rule-Based Access Control?
What is Rule-Based Access Control?
Signup and view all the answers
A type of IDS that relies on a baseline of normal activity is a signature-based IDS.
A type of IDS that relies on a baseline of normal activity is a signature-based IDS.
Signup and view all the answers
Which security solution provides a countermeasure against denial-of-service attacks? (Select all that apply)
Which security solution provides a countermeasure against denial-of-service attacks? (Select all that apply)
Signup and view all the answers
Which protocols protect against switching loops? (Select all that apply)
Which protocols protect against switching loops? (Select all that apply)
Signup and view all the answers
A type of IDS that relies on known attack patterns is known as a signature-based IDS.
A type of IDS that relies on known attack patterns is known as a signature-based IDS.
Signup and view all the answers
Which policy applies to requests falling outside the criteria defined in an ACL? (Select all that apply)
Which policy applies to requests falling outside the criteria defined in an ACL? (Select all that apply)
Signup and view all the answers
What is a Demilitarized Zone (DMZ)?
What is a Demilitarized Zone (DMZ)?
Signup and view all the answers
Which part of the address 192.168.1.5/24 identifies its network ID?
Which part of the address 192.168.1.5/24 identifies its network ID?
Signup and view all the answers
Which acronym refers to a solution for managing internal call costs? (Select all that apply)
Which acronym refers to a solution for managing internal call costs? (Select all that apply)
Signup and view all the answers
What technology allows making phone calls over a broadband Internet connection?
What technology allows making phone calls over a broadband Internet connection?
Signup and view all the answers
Which of the following answers lists a /27 subnet mask? (Select all that apply)
Which of the following answers lists a /27 subnet mask? (Select all that apply)
Signup and view all the answers
What type of system can be compromised through phreaking?
What type of system can be compromised through phreaking?
Signup and view all the answers
What refers to a grouping of computers in the same broadcast domain regardless of physical location? (Select all that apply)
What refers to a grouping of computers in the same broadcast domain regardless of physical location? (Select all that apply)
Signup and view all the answers
Which measure is in place when a client is denied access due to outdated antivirus software? (Select all that apply)
Which measure is in place when a client is denied access due to outdated antivirus software? (Select all that apply)
Signup and view all the answers
Which technology allows multiple operating systems to run simultaneously on the same hardware? (Select all that apply)
Which technology allows multiple operating systems to run simultaneously on the same hardware? (Select all that apply)
Signup and view all the answers
What is post-admission NAC?
What is post-admission NAC?
Signup and view all the answers
Which solution hides internal IP addresses in IP packet headers? (Select all that apply)
Which solution hides internal IP addresses in IP packet headers? (Select all that apply)
Signup and view all the answers
VLAN membership can be set through: (Select all that apply)
VLAN membership can be set through: (Select all that apply)
Signup and view all the answers
What does IaaS stand for?
What does IaaS stand for?
Signup and view all the answers
Which cloud service type would best suit a web developer creating a web app? (Select all that apply)
Which cloud service type would best suit a web developer creating a web app? (Select all that apply)
Signup and view all the answers
What is SaaS?
What is SaaS?
Signup and view all the answers
The biggest advantage of public cloud services is that all services are offered free of charge.
The biggest advantage of public cloud services is that all services are offered free of charge.
Signup and view all the answers
Which concept employs multiple tools and techniques for security? (Select 2 answers)
Which concept employs multiple tools and techniques for security? (Select 2 answers)
Signup and view all the answers
Which IPsec mode provides entire packet encryption? (Select all that apply)
Which IPsec mode provides entire packet encryption? (Select all that apply)
Signup and view all the answers
Which protocol is used in network management systems for monitoring network-attached devices? (Select all that apply)
Which protocol is used in network management systems for monitoring network-attached devices? (Select all that apply)
Signup and view all the answers
Which of the following transmit data in an unencrypted form? (Select all that apply)
Which of the following transmit data in an unencrypted form? (Select all that apply)
Signup and view all the answers
What is an SNMP community?
What is an SNMP community?
Signup and view all the answers
Which protocol was designed as a secure replacement for Telnet? (Select all that apply)
Which protocol was designed as a secure replacement for Telnet? (Select all that apply)
Signup and view all the answers
What does DNS stand for?
What does DNS stand for?
Signup and view all the answers
What does AAAA record in a DNS database identify?
What does AAAA record in a DNS database identify?
Signup and view all the answers
Which protocols are used for securing HTTP connections? (Select 2 answers)
Which protocols are used for securing HTTP connections? (Select 2 answers)
Signup and view all the answers
Which suite of protocols is used for connecting hosts on the Internet? (Select all that apply)
Which suite of protocols is used for connecting hosts on the Internet? (Select all that apply)
Signup and view all the answers
FTPS is an extension to FTP that adds support for TLS and SSL protocols.
FTPS is an extension to FTP that adds support for TLS and SSL protocols.
Signup and view all the answers
What is the SCP protocol used for?
What is the SCP protocol used for?
Signup and view all the answers
Which protocol is used by the PING utility? (Select all that apply)
Which protocol is used by the PING utility? (Select all that apply)
Signup and view all the answers
Which answers lists the IPv6 loopback address? (Select all that apply)
Which answers lists the IPv6 loopback address? (Select all that apply)
Signup and view all the answers
What does iSCSI stand for?
What does iSCSI stand for?
Signup and view all the answers
Which protocols facilitate communication between SAN devices? (Select all that apply)
Which protocols facilitate communication between SAN devices? (Select all that apply)
Signup and view all the answers
What is FTP designed for?
What is FTP designed for?
Signup and view all the answers
What is SFTP?
What is SFTP?
Signup and view all the answers
Which protocol does not provide authentication? (Select all that apply)
Which protocol does not provide authentication? (Select all that apply)
Signup and view all the answers
Which protocols were designed as a secure replacement for Telnet? (Select all that apply)
Which protocols were designed as a secure replacement for Telnet? (Select all that apply)
Signup and view all the answers
FTP runs by default on ports: (Select 2 answers)
FTP runs by default on ports: (Select 2 answers)
Signup and view all the answers
Which protocols run on port number 22? (Select all that apply)
Which protocols run on port number 22? (Select all that apply)
Signup and view all the answers
What uses port number 23?
What uses port number 23?
Signup and view all the answers
Which TCP port is used by SMTP? (Select all that apply)
Which TCP port is used by SMTP? (Select all that apply)
Signup and view all the answers
Which port does DNS run on?
Which port does DNS run on?
Signup and view all the answers
Which port enables HTTP traffic?
Which port enables HTTP traffic?
Signup and view all the answers
Which ports enable retrieving email messages from a remote server? (Select all that apply)
Which ports enable retrieving email messages from a remote server? (Select all that apply)
Signup and view all the answers
Which port numbers are used by NetBIOS? (Select all that apply)
Which port numbers are used by NetBIOS? (Select all that apply)
Signup and view all the answers
Which TCP port does IMAP use?
Which TCP port does IMAP use?
Signup and view all the answers
Which TCP port is used by HTTPS? (Select all that apply)
Which TCP port is used by HTTPS? (Select all that apply)
Signup and view all the answers
What is the default port number for a Microsoft-proprietary remote connection protocol?
What is the default port number for a Microsoft-proprietary remote connection protocol?
Signup and view all the answers
Which protocols operate at layer 3 (the network layer) of the OSI model? (Select all that apply)
Which protocols operate at layer 3 (the network layer) of the OSI model? (Select all that apply)
Signup and view all the answers
In the OSI model, TCP resides at which layer?
In the OSI model, TCP resides at which layer?
Signup and view all the answers
Which wireless encryption scheme offers the highest level of protection? (Select all that apply)
Which wireless encryption scheme offers the highest level of protection? (Select all that apply)
Signup and view all the answers
Which wireless security protocol has been deprecated due to known vulnerabilities? (Select all that apply)
Which wireless security protocol has been deprecated due to known vulnerabilities? (Select all that apply)
Signup and view all the answers
What authentication framework is frequently used in wireless networks? (Select all that apply)
What authentication framework is frequently used in wireless networks? (Select all that apply)
Signup and view all the answers
What does MAC filtering refer to?
What does MAC filtering refer to?
Signup and view all the answers
What is SSID?
What is SSID?
Signup and view all the answers
Which protocol was introduced to strengthen existing WEP implementations? (Select all that apply)
Which protocol was introduced to strengthen existing WEP implementations? (Select all that apply)
Signup and view all the answers
Disabling SSID broadcast makes a WLAN harder to discover.
Disabling SSID broadcast makes a WLAN harder to discover.
Signup and view all the answers
Which protocol encapsulates EAP within an encrypted and authenticated TLS tunnel? (Select all that apply)
Which protocol encapsulates EAP within an encrypted and authenticated TLS tunnel? (Select all that apply)
Signup and view all the answers
What is CCMP?
What is CCMP?
Signup and view all the answers
Which measures counteract war driving? (Select 2 answers)
Which measures counteract war driving? (Select 2 answers)
Signup and view all the answers
Which WAP configuration setting allows adjusting the wireless signal's boundary range? (Select all that apply)
Which WAP configuration setting allows adjusting the wireless signal's boundary range? (Select all that apply)
Signup and view all the answers
Which solution allows administrators to block Internet access for users until they perform a required action? (Select all that apply)
Which solution allows administrators to block Internet access for users until they perform a required action? (Select all that apply)
Signup and view all the answers
Which antenna types would provide the best coverage for workstations connecting to a WAP? (Select all that apply)
Which antenna types would provide the best coverage for workstations connecting to a WAP? (Select all that apply)
Signup and view all the answers
Which term refers to wireless site survey? (Select all that apply)
Which term refers to wireless site survey? (Select all that apply)
Signup and view all the answers
Which example falls under technical security controls? (Select all that apply)
Which example falls under technical security controls? (Select all that apply)
Signup and view all the answers
What is a false positive error?
What is a false positive error?
Signup and view all the answers
Which example falls under operational security controls? (Select all that apply)
Which example falls under operational security controls? (Select all that apply)
Signup and view all the answers
What does false negative refer to? (Select all that apply)
What does false negative refer to? (Select all that apply)
Signup and view all the answers
What is a privacy policy?
What is a privacy policy?
Signup and view all the answers
What acronym refers to a set of rules enforced in a network? (Select all that apply)
What acronym refers to a set of rules enforced in a network? (Select all that apply)
Signup and view all the answers
One of the goals behind the mandatory vacations policy is to mitigate fraudulent activity within the company.
One of the goals behind the mandatory vacations policy is to mitigate fraudulent activity within the company.
Signup and view all the answers
What does separation of duties refer to?
What does separation of duties refer to?
Signup and view all the answers
Study Notes
Networking Devices and Security Components
- Firewall: Monitors and controls incoming and outgoing network traffic based on security rules, allowing or blocking data packets.
- Router: Connects and forwards data packets between different networks, facilitating communication.
- Load Balancer: Distributes workloads across multiple computing resources to optimize resource use and performance.
- Proxy: Acts as an intermediary for requests from clients seeking resources from other servers, providing anonymity and security.
- Demilitarized Zone (DMZ): A separate subnet between internal and external networks, hosting publicly accessible servers with limited protection.
Intrusion Detection and Prevention
- HIDS: Host-based Intrusion Detection System that monitors individual devices for suspicious activities or policy violations.
- NIPS: Network Intrusion Prevention System that inspects network traffic in real-time and can actively block attacks.
- Passive IDS Actions: Can log events and send alerts without taking direct action on the network.
- IDS: Monitors for unauthorized activities and alerts system administrators.
Security Policies and Access Control
- Implicit Deny Policy: Any requests that do not meet specified criteria in an Access Control List (ACL) are denied by default.
- Rule-Based Access Control: Access is granted or denied based on entries in an ACL determining user or system process permissions.
- Separation of Duties: Ensures that more than one person is required to complete sensitive tasks to reduce fraud.
Virtual Private Networks (VPNs)
- VPN Concentrator: A device that creates and manages secure connections over untrusted networks like the Internet.
- Tunneling: A method used to encrypt data for privacy in VPN connections.
Cloud Computing Models
- IaaS: Infrastructure as a Service, providing virtualized computing resources over the Internet.
- PaaS: Platform as a Service, enabling developers to build applications without managing underlying hardware.
- SaaS: Software as a Service, delivering applications through the Internet without requiring local installation.
Wireless Security and Protocols
- WPA2: A wireless security protocol utilizing AES encryption, considered secure against many attacks.
- WEP: An older wireless security protocol with known vulnerabilities, currently deprecated.
- SSID: The name of a wireless network, which can be hidden to improve security.
Port Numbers and Protocols
- FTP: Uses port numbers 20 and 21 for transferring files; port 21 is mainly for command and control.
- SMTP: Operates on port 25 for sending emails, while port 53 is used for DNS queries.
- HTTPS: Utilizes port 443 for secure web traffic.
Risk Management and Assessment
- ALE (Annual Loss Expectancy): Calculation of expected monetary loss due to identified risks in one year, based on threat probabilities and potential financial damage.
- Single Loss Expectancy (SLE): The financial impact of a single occurrence of a risk, calculated by the asset value (AV) multiplied by the exposure factor (EF).
Authentication and Security Frameworks
- EAP: Extensible Authentication Protocol, often used in wireless networks for secure authentication.
- MAC Filtering: Restricts network access based on the 48-bit MAC address of devices.
Miscellaneous Concepts
- Captive Portal: A web page that users must interact with before gaining broader access to a network.
- Change Management: A structured approach to managing changes in order to minimize disruptions or risks.
- False Negative: A scenario when an intrusion detection system fails to alert on an actual security breach.
- War Driving: The act of searching for Wi-Fi networks remotely while moving through an area, often used to identify unsecured networks.
Studying That Suits You
Use AI to generate personalized quizzes and flashcards to suit your learning preferences.
Description
Test your knowledge of key terms related to the Security+ certification with these flashcards. Each card presents a word along with its definition to help reinforce your understanding of cybersecurity concepts. Perfect for exam preparation!