Dumpster diving - Study guides, Class notes & Summaries

What is access control? - Answer-authorized entities can use a system when they need to. How is policy related to access control? - Answer-Policy driven control of access to systems, data, and dialogues. Examples of access control include barriers, passwords, and bio-metrics. What is the role of authentication in access control? - Answer-Verification (or not) of an individual's claim (usually of identity). What is the role of authorization in access control? - Answer-An entity (via his/her...

GIAC EXAM WITH COMPLETE QUESTIONS AND ANSWERS LATEST 2024/2025 || GRADED A+ | 100% Verified. Address resolution protocol - ANSWER Protocol for mapping an IP address to a physical machine address that is recognized on the local network. A table, usually called the ARP cache, is used to maintain a correlation between each MAC and its corresponding IP address What are the five threat vectors? - ANSWER Outside attack from network Outsider attack from telephone Insider attack from local netwo...

What prevents man-in-the-middle attack? correct answer: SMB What is the best technical solution for reducing the threat of man-in-the-middle attack? correct answer: PKI prevents eavesdropping and replay attack correct answer: Kerberos Which of these can protect against replay attack? correct answer: AH What protects against playback attack? correct answer: CHAP Which of the following may help prevent replay attack? correct answer: SSL What do you use to encrypt sensitive ...

SSCP #2 Exam Questions With Verified Answers A. All DNS servers to avoid recursive lookups B. All non DNS servers C. Firewalls D. Routers B - ANS IPSEC resides at which layer of the OSI model? A. Layer 6 - Presentation B. Layer 3 - Network C. Layer 4 - Transport D. Layer 5 - Session E. Layer 2 - Data Link F. Layer 1 - Physical D - ANS DES, 3DES, Blowfish, and AES are all examples of what type of cryptography? "Pass Any Exam. Any Time." - Guaranteed 36 B. Message Di...

GIAC EXAM WITH COMPLETE QUESTIONS AND ANSWERS LATEST 2024/2025 || GRADED A+. Ack Piggybacking - ANSWER The Practice of sending an ACK inside another packet going to the same destination Address resolution protocol - ANSWER Protocol for mapping an IP address to a physical machine address that is recognized on the local network. A table, usually called the ARP cache, is used to maintain a correlation between each MAC and its corresponding IP address What are the five threat vectors? - ANSWE...

Which of the following is an important aspect of evidence-gathering? Back up all log files and audit trails. Purge transaction logs. Restore damaged data from backup media. Monitor user access to compromised systems. - Back up all log files and audit trails. Which of the following items would be implemented at the Network layer of the security model? Wireless networks Network plans Firewalls using ACLs Penetration testing - Penetration testing Prepare to Document means establishing...

SANS GISCP and GIACAck Piggybacking - correct answer The Practice of sending an ACK inside another packet going to the same destination Address resolution protocol - correct answer Protocol for mapping an IP address to a physical machine address that is recognized on the local network. A table, usually called the ARP cache, is used to maintain a correlation between each MAC and its corresponding IP address What are the five threat vectors? - correct answer Outside attack from network Ou...

Ethical hacking Perpetrating exploits against a system with the intent to find vulnerabilities so that security weaknesses can be addressed and the system can be made more secure. Penetration testing The practice of finding vulnerabilities and risks with the purpose of securing the computer or network system. Red team An offensive security team that attempts to discover vulnerabilities in a network or computer system. Blue team A defensive security team that attempts to close vulnerabilities ...

Hacker Vocabulary Exam Questions with Answers Trap Doors - Answer-Security holes; employees might destroy data or even trade company secrets to competitors using these security holes. Pumping and Dumping - Answer-Crooks use internet stock trading sites or chat rooms to praise useless companies in which they hold stock. Once the share prices go up they take their profits and dump the stocks. Phishing - Answer-A web page that is designed to fool you into thinking it's something else, such...

BTE 210 Final Exam Study Guide Solutions security - ANSWER-The degree of protection against criminal activity, danger, damage, and/or loss information security - ANSWER-Protecting organization's information resources from unauthorized access, use, disclosure, disruption, modification, or destruction threat - ANSWER-any danger to which a system may be exposed exposure - ANSWER-the harm, loss or damage that can result if a threat compromises that resource vulnerability - ANSWER-the possib...