CertiGuide to Security+  9  Chapter 1:  General Security Concepts (Domain 1.0; 30%)

1.8  Summary 1 1.10  Success Answers

1. Enforcing minimum privileges for general system users can be easily achieved through the use of:

A. RBAC

B. PRVMIN

C. TSTEC

D. IPSEC

2. What process determines who is trusted for a given purpose?

A. Authorization

B. Authentication

C. Identification

D. Accounting

3. Which of the following tools can you use to assess your network's vulnerability?

A. ISS

B. Ballista

C. SATAN

D. No Answer is Correct

4. Which of the following services should be logged for security purpose?

A. bootp

B. tftp

C. sunrpc

D. No Answer is Correct

5. An attack in which a duplicate MD5 hash to a message or document is known as a

A. Hash attack

B. Birthday attack

C. PGP attack

D. All choices are correct

E. No choice is correct

6. An attack against an authentication server can be accomplished by

A. Brute force attack

B. Dictionary attack

C. A server without a failed login attempt counter enabled

D. Teardrop attack

7. Select the types of malicious code from the choices given

A. Viruses

B. Trojan Horses

C. Logic Bombs

D. Worms

E. Foxes

8. What is the name of the attack that masquerades as one type of program but has hidden functions?

A. Worm

B. Logic Bomb

C. Virus

D. Trojan Horse

E. All are correct choices

9. What is the name of malicious code that does not require a host program and can replicate itself across a network?

A. Logic Bomb

B. Trojan Horse

C. Virus

D. Worm

E. No choice is correct

10. The type of attack that cannot be detected with any technology is

A. Robbery

B. Social engineering

C. Trojan Horse

D. Worm

E. DoS attack

1.8  Summary 1 1.10  Success Answers