practice questions
thought I'd just start a general thread.
here is another
Which is replayed during a WEP attack?
1. initialization vectors
2. preshared keys
3. ticket exchange
Feels like #1 to me.
Comments
-
zackmax Member Posts: 61
security admin wants to keep users from plugging unapproved smartphones into their computers and transferring data.
which is the best control?
1. data loss prevention
2. mobile device management
-
cyberguypr Mod Posts: 6,928
Mobile device management controls company phones. Does nothing for unapproved/personal devices (unless people voluntarily submit to BYOD policies, but this is outside the scope of the question). DLP controls movement of data across exfiltration vectors such as cloud, mobile, etc., so this is the answer.
-
zackmax Member Posts: 61
there is a remote vulnerability affecting all MF printers firmware. how to mitigate it?
1. create separate printer network
2. install patches on print server
3. run a vulnerability scan
-
zackmax Member Posts: 61
3 weeks after a programmer was terminated, helpdesk has several calls that computers are being infected with malware.
upon research it is found that employees downloaded a toolbar. the toolbar downloaded and installed the malicious code. which attack is this?
1. logic bomb
2. malicious add-on
3. XSS
I am leaning to malicious add-on, but there is a mention of a programmer leaving the company which makes me think logic bomb.
-
636-555-3226 Member Posts: 975
3 weeks after a programmer was terminated, helpdesk has several calls that computers are being infected with malware.
upon research it is found that employees downloaded a toolbar. the toolbar downloaded and installed the malicious code. which attack is this?
1. logic bomb
2. malicious add-on
3. XSS
I am leaning to malicious add-on, but there is a mention of a programmer leaving the company which makes me think logic bomb.
standard malicious add-on. people install random crap from the first google result for "vlc" and click next a bunch of times then act surprised when their stuff starts going wrong
-
636-555-3226 Member Posts: 975
there is a remote vulnerability affecting all MF printers firmware. how to mitigate it?
1. create separate printer network
2. install patches on print server
3. run a vulnerability scan
assuming there is a patch, patch the printer. VLANing will mitigate too unless people need to access the printer.
-
636-555-3226 Member Posts: 975
thought I'd just start a general thread.
here is another
Which is replayed during a WEP attack?
1. initialization vectors
2. preshared keys
3. ticket exchange
Feels like #1 to me.
i'm not a wireless pentester, but i think IVs if memory serves ???
-
zackmax Member Posts: 61
636-555-3226 wrote: »standard malicious add-on. people install random crap from the first google result for "vlc" and click next a bunch of times then act surprised when their stuff starts going wrong
thing is, it says "print server" not printer. so I think separate network/vlan.
-
zackmax Member Posts: 61
what are fast and efficient crypto keys that do not use prime numbers and are usable with Diffie-Hellman?
1. quantum key
2. elliptic curve
3. symmetric key
4. asymmetric key
-
zackmax Member Posts: 61
to filter client side Java input is to prevent which of the following?
1. sql injection
2. watering hole
3. xss
4. pharming
-
zackmax Member Posts: 61
which is most important layer of security for industrial control and SCADA network?
1. IPS
2. automated patch deployment
3. Anti virus
-
zackmax Member Posts: 61
what can be used to quicken and automate certificate revocation?
1. CRL
2. OCSP
-
zackmax Member Posts: 61
which one of these does both authentication and authorization?
1. kerberos
2. ldap
3. radius
4. tacacs+
-
CertifiedMonkey Member Posts: 172
which ONE of these does both authentication and authorization?
1. kerberos
2. ldap
3. radius
4. tacacs+
Don't understand this question. TACACS+ and RADIUS provide Authentication, Authorization and Accounting (AAA). Kerberos provides Authentication and Authorization (No Accounting). Can we choose more than one answer or am I missing something here?