Architecture and Design (5) Flashcards

1
Q

Emily manages the IDS/IPS for her network. She has an NIPS installed and properly configured. It is not detecting obvious attacks on one specific network segment. She has verified that the NIPS is properly configured and working properly. What would be the most efficient way for her to address this?

Implement port mirroring for that segment.

Install an NIPS on that segment.

Upgrade to a more effective NIPS.

A

Implement port mirroring for that segment.

The NIPS is not seeing the traffic on that network segment. By implementing port mirroring, the traffic from that segment can be copied to the segment where the NIPS is installed

2
Q

You have been instructed to find a VPN solution for your company. Your company uses TACACS+ for remote access. Which of the following would be the best VPN solution for your company?

PPTP

RADIUS

L2TP

A

L2TP

Layer 2 Tunneling Protocol is a VPN technology that supports a wide range of remote access methods, including TACACS+. L2TP also supports a range of protocols, including ATM and X.25

3
Q

Jacob is the CIO for a mid-sized company. His company has very good security policies and procedures. The company has outsourced its web application development to a well-known web programming company. Which of the following should be the most important security issue for Jacob to address?

The web application vendor’s hiring practices

The financial stability of the web application vendor

Security practices of the web application vendor

A

Security practices of the web application vendor

Whenever any part of your business process is outsourced, you need to ensure that the vendor meets or exceeds all of your security policies and procedures. Supply chain assessment security is a critical issue

4
Q

Gerard is responsible for physical security at his company. He is considering using cameras that would detect a burglar entering the building at night. Which of the following would be most useful in accomplishing this goal?

Motion-sensing camera

Infrared-sensing camera

Sound-activated camera

A

Infrared-sensing camera

Infrared can still detect at night. A burglar is likely to be in the building at dark, so detecting via infrared is important

5
Q

Tim is implementing a Faraday cage around his server room. What is the primary purpose of a Faraday cage?

Regulate current

Block intrusions

Block EMI

A

Block EMI

A Faraday cage is a metal wire mesh designed to block electromagnetic interference. The other options are incorrect; they are not functions of a Faraday cage

6
Q

You are working for a large company. You are trying to find a solution that will provide controlled physical access to the building and record every employee who enters the building. Which of the following would be the best for you to implement?

A security guard with a sign-in sheet

Smart card access

A camera by the entrance

A

Smart card access

Smartcards can be used to allow entrance into a building. The smartcard can also store information about the user, and thus the system can log who enters the building

7
Q

David is responsible for cryptographic keys in his company. What is the best way to deauthorize a public key?

Send out a network alert.

Delete the digital certificate.

Publish that certificate in the CRL.

A

Publish that certificate in the CRL.

Certificate revocation lists are designed specifically for revoking certificates. Since public keys are distributed via certificates, this is the most effective way to deauthorize a public key

8
Q

Thomas is trying to select the right fire extinguisher for his company’s server room. Which of the following would be his best choice?

Type A

Type B

Type C

A

Type C

Type C fire extinguishers are used for electrical fires, including computer equipment fires

9
Q

Carole is concerned about security for her server room. She wants the most secure lock she can find for the server room door. Which of the following would be the best choice for her?

Combination lock

Key-in-knob

Deadbolt

A

Deadbolt

Of the locks listed here, deadbolts are the most secure. The locking bolt goes into the door frame, making it more secure

10
Q

What is the ideal humidity range for a server room?

70% to 80%

40% to 60%

Below 30%

A

40% to 60%

Forty percent to 60 percent is considered ideal humidity. High humidity can cause corrosion, and low humidity can cause electrostatic discharge

11
Q

Molly is implementing biometrics in her company. Which of the following should be her biggest concern?

FAR

FRR

CER

A

FAR

False acceptance rate is the rate at which the system incorrectly allows in someone it should not. This is clearly a significant concern

12
Q

Daniel is responsible for physical security in his company. All external doors have electronic smart card access. In an emergency such as a power failure, how should the doors fail?

Fail secure

Fail closed

Fail open

A

Fail open

Physical locks must always fail open, which is also called fail safe. The safety of employees must take precedence over the safety of property. If the lock does not fail open, then employees could be trapped in the building

13
Q

Donald is responsible for networking for a defense contractor. He is concerned that emanations from UTP cable could reveal classified information. Which of the following would be his most effective way to address this?

Migrate to CAT 7 cable.

Implement protected cabling.

Place all cable in a Faraday cage.

A

Implement protected cabling.

Protected cabling will secure the cable and prevent anyone from eavesdropping. These systems, also called protected distribution systems, use a variety of safeguards so that classified information can be sent unencrypted

14
Q

Fred is responsible for physical security in his company. He wants to find a good way to protect the USB thumb drives that have BitLocker keys stored on them. Which of the following would be the best solution for this situation?

Store the drives in a secure cabinet.

Encrypt the thumb drives.

Don’t store BitLocker keys on these drives.

A

Store the drives in a secure cabinet.

A secure cabinet is tamper proof and provides a good place to store anything you are trying to physically protect

15
Q

Juanita is responsible for servers in her company. She is looking for a fault-tolerant solution that can handle two drives failing. Which of the following should she select?

RAID 3

RAID 5

RAID 6

A

RAID 6

RAID 6, disk striping with dual parity, uses a minimum of four disks with distributed parity bits. RAID 6 can handle up to two disks failing

16
Q

You are a network administrator for a mid-sized company. You need all workstations to have the same configuration. What would be the best way for you to accomplish this?

Implement a policy requiring all workstations to be configured the same way.

Ensure all computers have the same version of the operating system and the same applications installed.

Use a master image that is properly configured and image all workstations from that.

A

Use a master image that is properly configured and image all workstations from that.

The correct answer is to use a master image that is properly configured and to create all workstations from that image. This is a standard way large corporations configure systems

17
Q

Mike is a network administrator for an e-commerce company. There have been several updates to the operating system, the web server software, and the web application, all within the last 24 hours. It appears that one of these updates has caused a significant security problem. What would be the best approach for Mike to take to correct this problem?

Remove the updates one at a time to see which corrects the problem.

Roll the server back to the last known good state.

Investigate and find out which update caused the problem, and remove only that update.

A

Roll the server back to the last known good state.

There is now a serious security issue on the web server. The primary concern must be to correct this. Rolling back to the last known good state will immediately correct the problem; then Mike can investigate to find the cause

18
Q

Ixxia is responsible for security at a mid-sized company. She wants to prevent users on her network from visiting job-hunting sites while at work. Which of the following would be the best device to accomplish this goal?

Proxy server

NAT

Firewall

A

Proxy server

A web proxy can be used to block certain websites. It is common practice for network administrators to block either individual sites or general classes of sites (like job-hunting sites)

19
Q

You are responsible for an e-commerce site. The site is hosted in a cluster. Which of the following techniques would be best in assuring availability?

Aggregate switching

An SSL accelerator

Load balancing

A

Load balancing

Load balancing the cluster will prevent any single server from being overloaded. And if a given server is offline, other servers can take on its workload

20
Q

When you are concerned about application security, what is the most important issue in memory management?

Never allocate a variable any larger than is needed.

Always check bounds on arrays.

Make sure you release any memory you allocate.

A

Make sure you release any memory you allocate.

Failure to release memory you have allocated can lead to a memory leak. Therefore, if you are using a programming language like C++ that allows you to allocate memory, make certain you deallocate that memory as soon as you are finished using it

21
Q

Darrel is looking for a cloud solution for his company. One of the requirements is that the IT staff can make the transition with as little change to the existing infrastructure as possible. Which of the following would be his best choice?

Off-premises cloud

On-premises cloud

Hybrid solution

A

Off-premises cloud

Off-premises clouds are always less expensive and require fewer changes to the existing infrastructure. That is true for public, private, or community clouds

22
Q

Ryan is concerned about the security of his company’s web application. Since the application processes confidential data, he is most concerned about data exposure. Which of the following would be the most important for him to implement?

WAF

TLS

NIPS

A

TLS

The correct answer is to encrypt all the web traffic to this application using Transport Layer Security (TLS). This is one of the most fundamental security steps to take with any website

23
Q

Arjun has just taken over web application security for a small company. He notices that some values are temporarily stored in hidden fields on one of the web pages. What is this called and how would it be best characterized?

This is data hiding, a weak security measure.

This is obfuscation, a possible security flaw.

This is data hiding, a possible security flaw.

A

This is obfuscation, a possible security flaw.

This is commonly called obfuscation. Many years ago (i.e., late 1990s) it was thought of as a weak security measure. Today it can only be thought of as a possible security flaw and should not be used

24
Q

What is the primary reason a company would consider implementing Agile programming?

To speed up development time

To focus more on design

To focus more on testing

A

To speed up development time

Agile programming was developed specifically to speed up development time. Although it is not appropriate for all projects, it has become quite popular

25
Q

When you’re implementing security cameras in your company, which of the following is the most important concern?

High-definition video

How large an area the camera can cover

Security of the camera and video storage

A

Security of the camera and video storage

The most important issue is that the camera itself is tamper proof and that the data stored is tamper proof. Wireless security cameras are an example of home automation and are one of the driving factors behind the IoT movement

26
Q

What is the primary security issue presented by monitors?

Unauthorized users may see confidential data.

Data can be detected from electromagnetic emanations.

Poor authentication

A

Unauthorized users may see confidential data.

A monitor displays data, and it is possible others can see that data. For example, traveling employees with laptops may inadvertently disclose data on their monitor that someone else can see. For this reason, screen filters are recommended for laptops

27
Q

Clark is responsible for mobile device security in his company. Which of the following is the most important security measure for him to implement?

Encrypted drives

Patch management

Remote wiping

A

Patch management

Just like desktops, laptops, and servers, patch management is a fundamental security issue and must be addressed. Many malware outbreaks and other breaches can be prevented by simply having good patch management

28
Q

Which of the following security measures is most effective against phishing attacks?

User training

NIPS

Spam filters

A

User training

Phishing depends on deceiving the user. The only true protection against that is proper user training. There are some technologies that can reduce the chance of phishing emails getting through, but none can stop all phishing emails. The best protection is user training

29
Q

You are the CISO for a mid-sized health care company. Which of the following is the most important for you to implement?

Contractual requirements

Strong security policies

Regulatory requirements

A

Regulatory requirements

Regulatory requirements are enforced by law. You must implement these; therefore, they are the most important