Burgers
What social engineering principle convinces a victim an immediate action is needed?
A - Urgency
See Ch. 2: Malware and Social Engineering Attacks, Section - Psychological Approaches
What protocol supports two encryption modes: transport and tunnel?
A - IPSec
See Ch. 4: Advanced Cryptography and PKI, Section - IP Security (IPsec)
What type of malware is heavily dependent on a user in order to spread?
A - Virus
See Ch. 2: Malware and Social Engineering Attacks, Section - Circulation
What technology will examine the current state of a network device before allowing it to connect to the network and force any device that does not meet a specified set of criteria to connect only to a quarantine network?
A - NAC (Network Access Control)
See Ch. 6: Network Security Devices, Design, and Technology, Section - Network Access Control (NAC)
A publicly accessible centralized directory of digital certificates is known as what?
A - A certificate repository (CR)
See Ch. 4: Advanced Cryptography and PKI, Section - Managing Digital Certificates
The management in your corporate office needs to group users on the network together logically even though they are attached to separate network switches. How can this be done?
A - Create a VLAN and add the users' computers / ports to the correct VLAN
See Ch. 6: Network Security Devices, Design, and Technology, Section - Network Segregation
What term is used to describe state-sponsored attackers that are used for launching computer attacks against their foes?
A - Nation State Actors
See Ch. 1: Introduction to Security, Section - Nation State Actors
What kind of software program delivers advertising content in a manner that is unexpected and unwanted by the user, and is typically included in malware?
A - Adware
See Ch. 2: Malware and Social Engineering Attacks, Section - Payload Capabilities
What social engineering principle frightens and coerces a victim by using threats?
A - Intimidation
See Ch. 2: Malware and Social Engineering Attacks, Section - Psychological Approaches
When Bob needs to send Alice a message with a digital signature, whose private key is used to encrypt the hash?
A - Bob's private key
See Ch. 3: Basic Cryptography, Section - Asymmetric Cryptographic Algorithms
What type of network access control uses Active Directory to scan a device to verify that it is in compliance?
A - Agentless NAC
See Ch. 6: Network Security Devices, Design, and Technology, Section - Network Access Control (NAC)
When VPN network traffic is routing only some traffic over the secure VPN while other traffic directly accesses the Internet, what technology is being used?
A - Split Tunneling
See Ch. 6: Network Security Devices, Design, and Technology, Section - Network Security Hardware
Which 2 ways can a browser check the validity or status of a certificate?
A - CRL (Certificate Revocation List) and OCSP (Online Certificate Status Protocol)
See Ch. 4: Advanced Cryptography and PKI, Section - Managing Digital Certificates
One of the challenges in combating cyberterrorism is that many of the prime targets are not owned and managed by who?
A - The federal government
See Ch. 1: Introduction to Security, Section - Understanding the Importance of Information Security
What type of diversity is being implemented if a company is using multiple security products from different manufacturers?
A - Vendor diversity
See Ch. 1: Introduction to Security, Section - Fundamental Security Principles
Malware that locks or prevents a device from functioning properly until a fee has been paid is known as:
A - Ransomware
See Ch. 2: Malware and Social Engineering Attacks, Section - Infection
What alternative term can be used to describe asymmetric cryptographic algorithms?
A - Public Key Cryptography
See Ch. 3: Basic Cryptography, Section - Asymmetric Cryptographic Algorithms
What type of monitoring compares network traffic, activities, transactions, or behavior against a database of known attack patterns?
A - Signature-based
See Ch. 6: Network Security Devices, Design, and Technology, Section - Network Security Hardware
What common method (best practice) is used to ensure the security of a root CA?
A - Keep it in an offline state from the network.
See Ch. 4: Advanced Cryptography and PKI, Section - Managing Digital Certificates
A malware that appears to have a legitimate use, but contains something malicious is known as a what?
A - Trojan
See Ch. 2: Malware and Social Engineering Attacks, Section - Infection
What type of attack intercepts communication between parties to steal or manipulate the data?
A - Man-in-the-middle or Man-in-the-browser
See Ch. 5: Networking and Server Attacks, Section - Interception
What technology enables authorized users to use an unsecured public network, such as the Internet as if it were a secure private network?
A - VPN
See Ch. 6: Network Security Devices, Design, and Technology, Section - Network Security Hardware
Which type of phishing attack targets specific users?
A - Spear Phishing
See Ch. 2: Malware and Social Engineering Attacks, Section - Psychological Approaches
A web server must be accessible to untrusted outside users. What network zone should be created to isolate this host and any additional hosts with similar requirements from more secured hosts on a network?
A - Create a DMZ, add necessary hosts
See Ch. 6: Network Security Devices, Design, and Technology, Section - Security Zones
What class of attacks use innovative attack tools and once a system is infected it silently extracts data over an extended period?
A - Advanced Persistent Threat
See Ch. 1: Introduction to Security, Section - Nation State Actors