SYS-501 | FLASHCARDS| 544 questions| with complete solutions

Which category of IDS might increase logging activities, disable a service, or close a port as a response to a detected security branch? CORRECT ANSWERS: Active Detection Which port number does SSH use? CORRECT ANSWERS: Port 22 Which port number is used by SMB? CORRECT ANSWERS: TCP port 445 Which type of IDS or IPS uses an initial database of known attack types but dynamically alters their signatures based on learned behavior. CORRECT ANSWERS: Heuristic What is the size, in bits, of a Message Digest version 5 (MD5) hash? CORRECT ANSWERS: 128 bits Why should the proper chain of custody be ensured? CORRECT ANSWERS: So that evidence will be admissible in court What should you do to ensure that a wireless access point signal does not extend beyond its needed range? CORRECT ANSWERS: Reduce the power levels According to the CompTIA Security+ blueprint, what are the 7 aspects of forensics that must be considered? CORRECT ANSWERS: -capture system image -obtain network traffic and logs -capture video -record time offset -take hashes -capture screenshots -perform witness interviews What is a warm site? CORRECT ANSWERS: An alternate computing facility with telecommunications equipment but no computers What is the difference between Intrusive vs. Non-Intrusive vulnerability scans? CORRECT ANSWERS: -Intrusive: Probes devices and examines their responses vs. -Non-Intrusive: ID's active OS's, applications, and ports by scanning system attributes How do you ensure that data is removed from a mobile device that has been stolen? CORRECT ANSWERS: Use a remote wipe or sanitation program What is the difference between Credentialed and Non-Credentialed vulnerability scans? CORRECT ANSWERS: -Credentialed: Uses authentication to simulate an administrator or user vs.