C178 Test Review 2a

its4forscience's version from 2018-01-17 00:23


Question Answer
detection system that is transparent, causes no slowdowns, but is costly and requires a lot of managamentNIDS (Network-based Intrusion Destection System)
Which OSes can run BitLocker?Windows Vista and Later, Windows Server 2008 and later
involves a hacker using a lookup tool to gain access to your DNS serverDNS footprinting
a brief summary of which party is responsible for what portion of the workMOU (Memorandum of Understanding)
(Policy Control) setting policies and procedures, and conducing trainingAdministrative controls
(Policy Control) physical controls, such as locks, lights, fences, and so onOperational controls
(Policy Control) preventing access to systems and data via the network, antivirus, IDSs, encryption, etcTechnical controls
(Policy Control) purpose is to stop something from happening, includes locked doors that keep intruders out, user training on potential harm, or even biometric devices and guards that deny access until authentication has occurredPreventive controls
policies that contain rules for creating user accounts and passwordsSecurity policies
trying to access resources that have the same access levelHorizontal privilege escalation
process of attempting to access sources with a higher access, such as admin privilegesVertical privilege escalation
used for extremely large amounts of data stored by a company, stored on SANBig Data
used to establish a network connection between two LANs using the InternetL2TP (Layer 2 Tunneling Protocol), (L2TP isn't secure, use IPSec w/ it)
IPSec doesn't establish a connection for tunneling, it just provides securityyeah, that's a thing
What info is included in a certificate revocation list (CRL) of a public key infrastructure (PKI)?list of serial numbers for revoked certificates, list of serial numbers for invalid certificates
designed for 95, 98, NT, 2000, this protocol provides data encryption along with password encryptionMS-CHAP (Microsoft Challenge Handshake Authentication Protocol)
allows individuals communicating over a non-secure network to prove their identity to one another in a secure manner, uses time-stamped tickets to reduce the occurrence of replay attackKerberos