Security+ Study Guide-01 Mastering Security Basics Professional Development Flashcard

1.

FLASHCARD QUESTION

Front

Management within your organization has defined a use case to support the confidentiality of data stored in a database. Which of the following solutions will BEST meet this need? Hashing, Disk redundancies, Encryption, Patching

Back

Encryption

Answer explanation

Encryption is the best choice to provide confidentiality of any type of information, including data stored in a database.

Hashing supports a use case of supporting integrity.

Disk redundancies provide resilience and increase availability.

Patching systems increases availability and reliability

2.

FLASHCARD QUESTION

Front

Apu manages network devices in his store and maintains copies of the configuration files for all the managed routers and switches. On a weekly basis, he creates hashes for these files and compares them with hashes he created on the same files the previous week. Which use case is he MOST likely supporting?

Back

Supporting integrity

Answer explanation

He is most likely using a use case of supporting integrity. By verifying that the hashes are the same on the configuration files, he is verifying that he files have not changed.

Confidentiality is enforced with encryption, access controls, and steganography.

Encryption is a method of enforcing confidentiality, and it doesn't use hashes. Availability ensures systems are up and operational when needed.

3.

FLASHCARD QUESTION

Front

Which of the following is a cryptographic algorithm that will create a fixed-length output from a data file but cannot be used to re-create the original data file? Options: MD5, AES, IDS, SIEM

Back

MD5

Answer explanation

Message Digest 5 (MD5) is a hashing algorithm that creates a fixed-length, irreversible output. Hashing algorithms cannot re-create the original data file from just the hash.

Advanced Encryption Standard (AES) is an encryption algorithm, and you can re-create the original data file by decrypting it.

An intrusion detection system (IDS) is not a cryptographic algorithm but it is a detective control.

A security information and event management (SIEM) system provides centralized logging.

4.

FLASHCARD QUESTION

Front

What should be implemented to prevent outages in an e-commerce web server experiencing spikes in resource usage? Options: Elasticity, Scalability, Normalization, Stored procedures

Back

Elasticity

Answer explanation

Elasticity is the best choice because it allows the server to dynamically scale up or out as needed in response to high resource usage.

Scalability isn't the best answer because it is done manually, however, the high resource usage is random and manually adding resources can't respond to the random spikes quick enough.

Normalization refers to organizing tables and columns in a database to reduce redundant data and improve overall database performance.

Stored procedures are a group of SQL statements that execute as a whole and help prevent SQL injection attacks.

5.

FLASHCARD QUESTION

Front

An administrator recently installed an IDS to help reduce the impact of security incidents. Which of the following BEST identifies the control type of an IDS? Preventative, Physical, Deterrent, Detective

Back

Detective

Answer explanation

An intrusion detection system (IDS) is a detective control. It can detect malicious traffic after it enters a network.

A preventative control, such as an intrusion prevention system (IPS), prevent malicious traffic from entering the network. An IDS uses technology and is not a physical control.

Deterrent controls attempt to discourage a threat, but attackers wouldn't know if a system had an IDS, so the IDS can't deter attacks.

6.

FLASHCARD QUESTION

Front

Maggie works in the security section of the IT department. Her primary responsibilities are to monitor security logs, analyze trends reported by the SIEM, and validate alerts. Which of the following choices BEST identifies the primary security control she's implementing?

Back

Detective control

Answer explanation

Monitoring security logs, analyzing trend reports from a security information and event management (SIEM), and validating alerts from a SIEM are detective controls. Detective controls try to detect security incidents after they happened. A compensating control is an alternative control used when a primary security control is not feasible or is not yet deployed.

Preventative controls attempt to prevent incidents, but the scenario doesn't specifically describe any preventative controls.

A corrective control attempts to reverse the impact of a security incident after it has happened.

7.

FLASHCARD QUESTION

Front

A server in your network's DMZ was recently attacked. The firewall logs show that the server was attacked from an external IP address with the following socket: 72.52.230.233:6789. You want to see if the connection is still active. Which of the following would be BEST to use? Options: tracert, arp, netstat, dig

Back

netstat

Answer explanation

The netstat command can be sued to display a list of open connections, including both the IP address and the port (or a socket). None of the other commands display active connections.

The tracert command list the routers between two systems.

The arp command shows the contents of the Address Resolution Protocol (ARP) cache.

The dig command can be used on Linux system to query Domain Name System (DNS) servers.

8.

FLASHCARD QUESTION

Front

You suspect that traffic in your network is being rerouted to an unauthorized router within your network. Which command-line tool would help you narrow down the problem? Options: ping, tracert, ipconfig, netstat

Back

tracert

Answer explanation

You can use tracert to track packet flow through a network, and if an extra router has been added to your network, tracert will identify it.

You can use ping to check connectivity with a remote system, but it doesn't show the route.

The ipconfig command shows the network setting on a Windows computer, but it doesn't identify failed routers.

Netstat shows active connections and other network statistics on a local system, but it doesn't identify network paths.

9.

FLASHCARD QUESTION

Front

You're troubleshooting a connectivity issue with a server that has an IP address of 192.168.1.10 from your Linux system. The server does not respond to the ping command, but you suspect that a router is blocking the ping traffic. Which tool would you use to verify the server is responding to traffic? (Options: hping, ipconfig, netstat, arp)

Back

hping

Answer explanation

The hping command can be used in place of the ping command when network devices are blocking ping commands using Internet Control Message Protocol (ICMP) traffic.

It can send packets using TCP and other protocols instead of ICMP.

The ipconfig command is used to view TCP/IP configuration information.

Netstat shows active connections and network statistics. The arp command shows the contents of the arp cache and does not use echo commands.

10.

FLASHCARD QUESTION

Front

Lisa is manually searching through a large log file on a Linux system looking for brute force attack indicators. Which command will simplify this process for her? Options: grep, head, tail, cat

Back

grep

Answer explanation

The grep command (short for globally search a regular expression and print) is used to search for a specific string o pattern of text within a file and simplifies the search. None of the other answers listed search the entire file.

The head command shows only a specific number of lines at the beginning of a file, and the tail command shows only a specific number of lines at the end of a file.

The cat command (short for concatenate) is used to display the entire contents of a file but doesn't narrow the search for specific text strings in a brute force attack.

Create a free account and access millions of resources

Similar Resources on Quizizz

Popular Resources on Quizizz

Discover more resources for Computers