1. If an asymmetric algorithm uses a public key to encrypt data, what is used to decrypt it?
a private key
2. Which IETF standard defines the PKI digital certificate format?
3. Which statement describes the use of hashing?
Hashing can be used to detect accidental changes, but does not protect against deliberate changes.
4. What is the purpose of the DH algorithm?
to generate a shared secret between two hosts that have not communicated before
5. Fill in the blank.
The SHA-224, SHA-256, SHA-384, and SHA-512 hash functions are known collectively as SHA-2 algorithms.
6. Alice and Bob want to use a CA authentication procedure to authenticate each other. What must be obtained first?
CA self-signed certificate
7. Which two statements correctly describe certificate classes used in the PKI? (Choose two.)
A class 0 certificate is for testing purposes.
A class 4 certificate is for online business transactions between companies.
8. What is the purpose of code signing?
integrity of source .EXE files
9. In a hierarchical CA topology, where can a subordinate CA obtain a certificate for itself?
from the root CA or another subordinate CA at a higher level
10. Which cryptographic technique provides both data integrity and nonrepudiation?
11. Which objective of secure communications is achieved by encrypting data?
12. Which algorithm can ensure data confidentiality?
13. What are two symmetric encryption algorithms? (Choose two.)
14. Refer to the exhibit of a partial window within the Windows operating system. What type of cryptographic process is shown?
15. In profiling a server, what defines what an application is allowed to do or run on a server?
16. In addressing an identified risk, which strategy aims to decrease the risk by taking measures to reduce vulnerability?
17. In network security assessments, which type of test is used to evaluate the risk posed by vulnerabilities to a specific organization, including assessment of the likelihood of attacks and the impact of successful exploits on the organization?
18. Which antimalware software approach can recognize various characteristics of known malware files to detect a threat?
19. Which class of metric in the CVSS Base Metric Group defines the features of the exploit such as the vector, complexity, and user interaction required by the exploit?
20. As described by the SANS Institute, which attack surface includes the exploitation of vulnerabilities in wired and wireless protocols used by IoT devices?
network attack surface
21. Which step in the Vulnerability Management Life Cycle performs inventory of all assets across the network and identifies host details, including operating system and open services?
22. Fill in the blank.
An application blacklist can specify which user applications are not permitted to run on a host.
23. In Windows Firewall, when is the Domain profile applied?
when the host is connected to a trusted network such as an internal business network
24. Which HIDS is an open-source based product?
25. Which regulatory compliance regulation specifies security standards for U.S. government systems and contractors to the U.S. government?
Federal Information Security Management Act of 2002 (FISMA)
26. Which three devices are possible examples of network endpoints? (Choose three.)
network security camera
27. Which function does CVSS provide?