Midterm part 2

Cards (69)

  • A company's IT manager has advised the business's executives to use a method of decentralized access control rather than centralized to avoid creating a single point of failure. She selects a common protocol that hashes passwords with a one-time challenge number to defeat eavesdropping-based replay attacks. What is this protocol?
    Challenge-Handshake Authentication Protocol (CHAP)
  • An automatic teller machine (ATM) uses a form of constrained user interface to limit the user's ability to access resources in the system. Specifically for ATMs, which method is being used?
    Physically constrained user interfaces 
  • Anya is a cybersecurity engineer for a high-secrecy government installation. She is configuring biometric security that will either admit or deny entry using facial recognition software. Biometric devices have error rates and certain types of accuracy errors that are more easily tolerated depending on need. In this circumstance, which error rate is she likely to allow to be relatively high?
    False rejection rate (FRR) 
  • Arturo is a network engineer. He wants to implement an access control system in which the owner of the resource decides who can change permissions, and permission levels can be granted to specific users, groups of people in the same or similar job roles, or by project. Which of the following should Arturo choose?
    Discretionary access control (DAC)
  • Devaki is evaluating different biometric systems. She understands that users might not want to subject themselves to retinal scans due to privacy concerns. Which concern of a biometric system is she considering?
    Acceptability 
  • Jackson is a cybercriminal. He is attempting to keep groups of a company's high-level users from accessing their work network accounts by abusing a policy designed to protect employee accounts. Jackson attempts to log in to their work accounts repeatedly using false passwords. What security method is he taking advantage of?
    Account lockout policies 
  • Keisha is a network administrator. She wants a cloud-based service that will allow her to load operating systems on virtual machines and manage them as if they were local servers. What service is Keisha looking for?
    Infrastructure as a Service (IaaS) 
  • Lincoln is a network security specialist. He is updating the password policy for his company's computing infrastructure. His primary method of improving password policy involves lowering the chance that an attacker can compromise and use the password before it expires. What does he do?
    Enables a 30-day password change policy 
  • Maria is using accounting software to compile sensitive financial information. She receives a phone call and then momentarily leaves her desk. While she's gone, Bill walks past her cubicle and sees that she has not locked her desktop and has left data exposed. Bill uses his smartphone to take several photos of this data with the intent of selling it to the company's competitor. What access control compromise is taking place?
    Eavesdropping by observation
  • The ___________ is the central part of a computing environment's hardware, software, and firmware that enforces access control.
    security kernel 
  • Tomahawk Industries develops weapons control systems for the military. The company designed a system that requires two different officers to enter their access codes before allowing the system to engage. Which principle of security is this following?
    Separation of duties 
  • What is an example of two-factor authentication (2FA)?
    Smart card and personal identification number (PIN) 
  • Which type of authentication includes smart cards?
    Ownership 
  • Which type of password attack is used on weak passwords and compares a hashed value of the passwords to the system password file to find a match?
    Dictionary attack
  • Alice and Bob would like to communicate with each other using a session key, but they do not already have a shared secret key. Which algorithm can they use to exchange a secret key?
    Diffie–Hellman
  • Alice would like to send a message to Bob securely and wishes to use asymmetric encryption to encrypt the contents of the message. What key does she use to encrypt this message?
    Bob's public key
  • Alice would like to send a message to Bob using a digital signature. What cryptographic key does Alice use to create the digital signature?
    Alice's private key
  • Bob is sending a message to Alice. He wants to ensure that nobody can read the content of the message while it is in transit. What goal of cryptography is Bob attempting to achieve?
    Confidentiality 
  • Bob is sending a message to Alice. He wants to ensure that nobody tampers with the message while it is in transit. What goal of cryptography is Bob attempting to achieve?
    Integrity 
  • Bob received a message from Alice that contains a digital signature. What cryptographic key does Bob use to verify the digital signature?
    Alice's public key
  • Juan is a wireless security professional. He is selecting a standard for wireless encryption protocols for access points and devices for his agency. For the highest security, which protocol should Juan choose?
    Wi-Fi Protected Access version 3 (WPA3)
  • Maria receives a ciphertext message from her colleague Wen. What type of function does Maria need to use to read the plaintext message?
    Decryption 
  • Security objectives add value to relationships between businesses or between businesses and their customers. Which objective binds a message or data to a specific entity?
    Digital signature 
  • Some ciphers, regardless of type, rely on the difficulty of solving certain mathematical problems, which is the basis for asymmetric key cryptography. Which of the following is a branch of mathematics that involves multiplicative inverses that these ciphers use?
    Field theory
  • What is not a symmetric encryption algorithm?
    Diffie–Hellman 
  • What is the only unbreakable cipher when it is used properly?
    Vernam 
  • When Alice receives a message from Bob, she wants to be able to demonstrate to Miriam that the message actually came from Bob. What goal of cryptography is Alice attempting to achieve?
    Nonrepudiation 
  • Which approach to cryptography uses highly parallel algorithms that could solve problems in a fraction of the time needed by conventional computers?
    Quantum cryptography 
  • Which cryptographic attack is relevant in only asymmetric key systems and hash functions?
    Chosen ciphertext
  • Which information security objective verifies the action to create an object or verifies an object's existence by an entity other than the creator?
    Witnessing 
  • Which of the following is not an objective of cryptanalysis, the process of breaking codes?
    Encrypt the plaintext of a target message
  • Which of the following is not true of hash functions?
    The hashes produced by a specific hash function may vary in size. 
  • Which set of characteristics describes the Caesar cipher accurately?
    Symmetric, stream, substitution 
  • Which type of cipher works by rearranging the characters in a message?
    Transposition 
  • A ________ is used to identify the part of an Ethernet network where all hosts share the same host address.
    subnet mask 
  • Arturo would like to connect a Fibre Channel storage device to systems over a standard data network. What protocol should he use?
    Fibre Channel over Ethernet (FCoE)
  • Because network computers or devices may host several services, programs need a way to tell one service from another. To differentiate services running on a device, networking protocols use a(n) ________, which is a short number that tells a receiving device where to send messages it receives.
    network port 
  • Bob has a high-volume virtual private network (VPN). He would like to use a device that would best handle the required processing power. What type of device should he use?
    VPN concentrator 
  • Carl recently joined a new organization. He noticed that the firewall technology used by the firm opens separate connections between the devices on both sides of the firewall. What type of technology is being used?
    Application proxying 
  • Hajar is investigating a denial of service attack against her network. She notices that the Internet Control Message Protocol (ICMP) echo replies coming into her network far exceed the ICMP echo requests leaving her network. What type of attack is likely taking place?
    Smurf