Current research indicates that a long, random string of words, such as correct horse battery staple is much more secure than a random series of letters, numbers, and symbols that is short enough to be remembered.TrueIt is ideal to use the same password for multiple different applications, provided the password is complex enough.FalseWhich penetration testing tool combines known scanning and exploit techniques to explore potentially new attack routes?metasploitWhich of the following statements correctly describes the malware characteristic of polymorphism?Polymorphic malware can change its characteristics every time its transferred to a new systemA virus that remains dormant until a specific condition is met, such as the changing of a file or a match of the current date is known as what kind of malware?Logic bombWhich of the following statements describes a worm?A program that runs independently of other software and travels between computers a across networksIf multiple honeypots are connected to form a larger network, what term is used to describe the network?HoneynetAn attack that relies on redirected and captured secure transmissions as they occur is known as what type of attack?Man-in-the-Middle attackWhich of the following scenarios represents a phishing attempt?An email was sent to a manager at your company that appeared to be from the company's CTO, asking for accessIn a red team blue team exercise, what is the purpose of the blue team?The blue team is charged with defending the networkWhich of the following utilities performs sophisticated vulnerability scans, and can identify unencrypted data such as credit card numbers?NessusIf someone is offered a free gift or service in exchange for private information or access to a computer system, what type of social engineering is taking palce?Quid pro quoA person posing as an employee strikes up a conversation with a legitimate employee as they walk into a secured area, in an attempt to gain access. What kind of social engineering is this?TailgatingIn the typical social engineering attack cycle, what occurs in Phase 3?The attacker exploits an action undertaken by the victim in order to gain accessThe concept of giving employees and contractors only enough access and privileges to do their jobs is known by what term?Principle of least privilegeWhat statement regarding denial of service attacks is accurate?A denial of service attack prevents legitimate users from accessing normal network resourcesUtilized by China's so called "Great Firewall", what type of attack can prevent user access to web pages, or even redirect them to illegitimate web pages?DNS poisoningWhat is the Nmap utility used for?It is a port scanning utility that can identify open ports on a hostHow is a posture assessment performed on an organization?A thorough examination of each aspect of the organization's network is performed to determine how it might be compromisedWhat type of door access control is physical or electronic lock that requires a code to open the door?Cipher lockAn RFID label on a box is an example of what type of physical security detection method?Asset tracking taggingWhat statement regarding the different versions of the SHA hashing algorithm is accurate?SHA-2 and SHA-3 both support the same hash lengthsOn a Linux based system, what command can you use to create a hash of a file using SHA-256?sha256sumWhat command can be used on a Windows system to create a hash of a file?Get-FileHashVMware's AirWatch and Cisco's Meraki Systems Manager are both examples of what type of software?Mobile device management softwareA variant of BYOD, what does CYOD allow employees or students to do?They can choose a device from a limited number of optionsWhere would restrictions regarding what users can and cannot do while accessing a network's resources be found?Acceptable use policy documentWhat document addresses the specific concerns related to special access given to administrators and certain support staff?Privileged user agreementWhich of the following scenarios would necessitate the use of a non disclosure agreement?Your company needs to prevent a new contractor from sharing information with a potential competitorHow often should you require users to change their passwords?Every 60 daysWhat type of attack forces clients off a wireless networ, creating a form of Wi-Fi DoS?Deauthentication attackWhich type of DoS attack involves an attack that is bounced off uninfected computers before being directed at the target?Distributed reflection denial of service attackWhich of the following utilities performs sophisticated vulnerability scans and can identify unencrypted data such as credit card numbers Group of answer choices?christ please help me with this.. What is the nmap utility used for group of answer choices?Nmap (Network Mapper) is a free, open source utility for network exploration and security auditing. It was designed to rapidly scan large networks, although it works fine against single hosts.
What IEEE standard includes an encryption key generation and management scheme known as TKIP?TKIP (Temporal Key Integrity Protocol) is an encryption protocol included as part of the IEEE 802.11i standard for wireless LANs (WLANs). It was designed to provide more secure encryption than the notoriously weak Wired Equivalent Privacy (WEP), the original WLAN security protocol.
What does CYOD allow employees or students?A variant of BYOD, what does CYOD allow employees or students to do? a. They can supply their own software on a computer or mobile device.
|