Pre-Course Assessment

What statement accurately defines what a race condition is and how it might affect a computer?

What feature of a mobile device management system could be used to restrict the use of an application containing confidential data to only a specific geographical area?

Providing the minimum amount of privileges necessary to perform a job or function is known as what security principle?

What statement correctly defines what a rainbow table is in relation to password attacks?

In what type of security policy might you define the required minimal security configuration for servers on the network?

When dealing with the preservation of evidence, who should be responsible for processing the evidence?

What are two items that are specifically part of the Secure DevOps methodology?

What type of malware specializes in avoiding detection by accessing lower layers of the operating system or by using undocumented functions to make alterations?

Of the two encryption modes supported by IPsec, what mode is more secure, and why?

What statement describes the Privacy Enhancement Mail (PEM) X.509 format?

When using application-based firewalls, what is NOT capable of being used to identify an application being used?

What block cipher mode of operation involves each ciphertext block being fed back into the encryption process to encrypt the next plaintext block?

You have been tasked with responding to a security incident involving the compromise of a manager's documents. You and your team have determined that the attacker involved copied files via a Bluetooth connection with the manager's unprotected cell phone. What kind of attack was this?

A client PC on your company's network is attempting to browse to a vendor's web page on the Internet, but the computer goes to a malicious web page instead. What two utilities can you use to verify that the DNS records are correct for the web page?

You are speaking to your CIO, and she has instructed you to ensure that the network is "five nines" in percentage of availability. What is the total yearly downtime that this allows?

A Bluetooth piconet is an example of what type of network topology?

What is NOT an advantage of using job rotation in a complex business environment?

What is the most secure form of IEEE 802.1x authentication?

What encryption protocol is used for the WPA2 wireless standard?

How does a distributed denial of service attack differ from a regular denial of service attack?

By creating a starting point for comparison purposes in order to apply targets and goals to measure success, what are you doing?

Per your company's data destruction policy, you have been tasked with the destruction of data on a magnetic hard drive. The policy employed by your company specifies that you must destroy the drive by reducing or eliminating the magnetic fields present in the drive. What method should you use?

When you are configuring password policy settings in Group Policy, what is the recommended setting for password reuse?

What two statements describe methods that can be employed by armored viruses in order to avoid detection?

What type of cryptography provides security comparable to asymmetric encryption with significantly reduced computational power and with smaller key sizes?

What are the two different types of one-time password that can be created?

When using OAuth, how are a user's username and password received by a third party server.

What DNS vulnerability can be specifically addressed by utilizing Domain Name System Security Extensions (DNSSEC)

What does a component's mean time between failures (MTBF) value determine?

When deploying sensors, collectors, and filters, where should they be placed in the network?