Deck C Flashcards

1
Q

While setting up a secure wireless corporate network, which of the following should Peter, an administrator, avoid implementing?

A. EAP-TLS

B. PEAP

C. WEP

D. WPA

A

WEP

2
Q

During a routine audit a web server is flagged for allowing the use of weak ciphers. Which of the following should be disabled to mitigate this risk? (Select TWO).

A. SSL 1.0

B. RC4

C. SSL 3.0

D. AES

E. DES

F. TLS 1.0

A

SSL 1.0

DES

3
Q

All executive officers have changed their monitor location so it cannot be easily viewed when passing by their offices. Which of the following attacks does this action remediate?

A. Dumpster Diving

B. Impersonation

C. Shoulder Surfing

D. Whaling

A

Shoulder Surfing

4
Q

An auditing team has found that passwords do not meet best business practices. Which of the following will MOST increase the security of the passwords? (Select TWO).

A. Password Complexity

B. Password Expiration

C. Password Age

D. Password Length

E. Password History

A

Password Complexity

Password Length

5
Q

Which of the following security devices can be replicated on a Linux based computer using iptables to inspect and properly handle network based traffic?

A. Sniffer

B. Router

C. Firewall

D. Switch

A

Firewall

6
Q

Which of the following BEST describes the weakness in WEP encryption?

A. The initialization vector of WEP uses a crackable RC4 encryption algorithm. Once enough packets are captured an XOR operation can be performed and the asymmetric keys can be derived.

B. The WEP key is stored in plain text and split in portions across 224 packets of random data. Once enough packets are sniffed the IV portion of the packets can be removed leaving the plain text key.

C. The WEP key has a weak MD4 hashing algorithm used. A simple rainbow table can be used to generate key possibilities due to MD4 collisions.

D. The WEP key is stored with a very small pool of random numbers to make the cipher text. As the random numbers are often reused it becomes easy to derive the remaining WEP key.

A

The WEP key is stored with a very small pool of random numbers to make the cipher text. As the random numbers are often reused it becomes easy to derive the remaining WEP key.

7
Q

Which of the following can be used on a smartphone to BEST protect against sensitive data loss if the device is stolen? (Select TWO).

A. Tethering

B. Screen lock PIN

C. Remote wipe

D. Email password

E. GPS tracking

F. Device encryption

A

Remote wipe

Device encryption

8
Q

A security engineer is given new application extensions each month that need to be secured prior to implementation. They do not want the new extensions to invalidate or interfere with existing application security. Additionally, the engineer wants to ensure that the new requirements are approved by the appropriate personnel. Which of the following should be in place to meet these two goals? (Select TWO).

A. Patch Audit Policy

B. Change Control Policy

C. Incident Management Policy

D. Regression Testing Policy

E. Escalation Policy

F. Application Audit Policy

A

Change Control Policy

Regression Testing Policy

9
Q

Which of the following technologies uses multiple devices to share work?

A. Switching

B. Load balancing

C. RAID

D. VPN concentrator

A

Load balancing

10
Q

Which of the following would Peter, a security administrator, MOST likely implement in order to allow employees to have secure remote access to certain internal network services such as file servers?

A. Packet filtering firewall

B. VPN gateway

C. Switch

D. Router

A

VPN gateway

11
Q

Peter has read and write access to his own home directory. Peter and Ann are collaborating on a project, and Peter would like to give Ann write access to one particular file in his home directory. Which of the following types of access control would this reflect?

A. Role-based access control

B. Rule-based access control

C. Mandatory access control

D. Discretionary access control

A

Discretionary access control

12
Q

When performing the daily review of the system vulnerability scans of the network, Peter, the administrator, noticed several security related vulnerabilities with an assigned vulnerability identification number. Peter researches the assigned vulnerability identification number on the vendor website. Peter proceeds with applying the recommended solution for the identified vulnerability.
Which of the following is the type of vulnerability described?

A. Network based

B. IDS

C. Signature based

D. Host based

A

Signature based

13
Q

Symmetric encryption utilizes __________, while asymmetric encryption utilizes _________.

A. Public keys, one time

B. Shared keys, private keys

C. Private keys, session keys

D. Private keys, public keys

A

Private keys, public keys

14
Q

A company’s legacy server requires administration using Telnet. Which of the following protocols could be used to secure communication by offering encryption at a lower OSI layer? (Select TWO).

A. IPv6

B. SFTP

C. IPSec

D. SSH

E. IPv4

A

IPv6

IPSec

15
Q

A supervisor in the human resources department has been given additional job duties in the accounting department. Part of their new duties will be to check the daily balance sheet calculations on spreadsheets that are restricted to the accounting group. In which of the following ways should the account be handled?

A. The supervisor should be allowed to have access to the spreadsheet files, and their membership in the human resources group should be terminated.

B. The supervisor should be removed from the human resources group and added to the accounting group.

C. The supervisor should be added to the accounting group while maintaining their membership in the human resources group.

D. The supervisor should only maintain membership in the human resources group.

A

The supervisor should be added to the accounting group while maintaining their membership in the human resources group.

16
Q

Which of the following is an effective way to ensure the BEST temperature for all equipment within a datacenter?

A. Fire suppression

B. Raised floor implementation

C. EMI shielding

D. Hot or cool aisle containment

A

Hot or cool aisle containment

17
Q

After a new firewall has been installed, devices cannot obtain a new IP address. Which of the following ports should Matt, the security administrator, open on the firewall?

A. 25

B. 68

C. 80

D. 443

A

68

18
Q

Which of the following hardware based encryption devices is used as a part of multi-factor authentication to access a secured computing system?

A. Database encryption

B. USB encryption

C. Whole disk encryption

D. TPM

A

TPM

19
Q

An attacker attempted to compromise a web form by inserting the following input into the username field: admin)(|(password=*)) Which of the following types of attacks was attempted?

A. SQL injection

B. Cross-site scripting

C. Command injection

D. LDAP injection

A

LDAP injection

20
Q

Which of the following can be used to mitigate risk if a mobile device is lost?

A. Cable lock

B. Transport encryption

C. Voice encryption

D. Strong passwords

A

Strong passwords

21
Q

Which of the following authentication services should be replaced with a more secure alternative?

A. RADIUS

B. TACACS

C. TACACS+

D. XTACACS

A

TACACS

22
Q

After an audit, it was discovered that an account was not disabled in a timely manner after an employee had departed from the organization. Which of the following did the organization fail to properly implement?

A. Routine account audits

B. Account management processes

C. Change management processes

D. User rights and permission reviews

A

Routine account audits

23
Q

Several employees submit the same phishing email to the administrator. The administrator finds that the links in the email are not being blocked by the company’s security device. Which of the following might the administrator do in the short term to prevent the emails from being received?

A. Configure an ACL

B. Implement a URL filter

C. Add the domain to a block list

D. Enable TLS on the mail server

A

Add the domain to a block list

24
Q

Which of the following services are used to support authentication services for several local devices from a central location without the use of tokens?

A. TACACS+

B. Smartcards

C. Biometrics

D. Kerberos

A

TACACS+

25
Q

Matt, a systems security engineer, is determining which credential-type authentication to use within a planned 802.1x deployment. He is looking for a method that does not require a client certificate, has a server side certificate, and uses TLS tunnels for encryption. Which credential type authentication method BEST fits these requirements?

A. EAP-TLS

B. EAP-FAST

C. PEAP-CHAP

D. PEAP-MSCHAPv2

A

PEAP-MSCHAPv2

26
Q

Which of the following concepts describes the use of a one way transformation in order to validate the integrity of a program?

A. Hashing

B. Key escrow

C. Non-repudiation

D. Steganography

A

Hashing

27
Q

Attempting to inject 50 alphanumeric key strokes including spaces into an application input field that only expects four alpha characters is considered which of the following attacks?

A. XML injection

B. Buffer overflow

C. LDAP Injection

D. SQL injection

A

SQL injection

28
Q

Although a vulnerability scan report shows no vulnerabilities have been discovered, a subsequent penetration test reveals vulnerabilities on the network. Which of the following has been reported by the vulnerability scan?

A. Passive scan

B. Active scan

C. False positive

D. False negative

A

False negative

29
Q

Which of the following should be considered to mitigate data theft when using CAT5 wiring?

A. CCTV

B. Environmental monitoring

C. Multimode fiber

D. EMI shielding

A

EMI shielding

30
Q

A security technician is attempting to improve the overall security posture of an internal mail server. Which of the following actions would BEST accomplish this goal?

A. Monitoring event logs daily

B. Disabling unnecessary services

C. Deploying a content filter on the network

D. Deploying an IDS on the network

A

Disabling unnecessary services

31
Q

Peter, a technician at the local power plant, notices that several turbines had ramped up in cycles during the week. Further investigation by the system engineering team determined that a timed .exe file had been uploaded to the system control console during a visit by international contractors. Which of the following actions should Peter recommend?

A. Create a VLAN for the SCADA

B. Enable PKI for the MainFrame

C. Implement patch management

D. Implement stronger WPA2 Wireless

A

Create a VLAN for the SCADA

32
Q

Which of the following would MOST likely involve GPS?

A. Wardriving

B. Protocol analyzer

C. Replay attack

D. WPS attack

A

Wardriving

33
Q

A system administrator is notified by a staff member that their laptop has been lost. The laptop contains the user’s digital certificate. Which of the following will help resolve the issue? (Select TWO).

A. Revoke the digital certificate

B. Mark the key as private and import it

C. Restore the certificate using a CRL

D. Issue a new digital certificate

E. Restore the certificate using a recovery agent

A

Revoke the digital certificate

Issue a new digital certificate

34
Q

Which of the following is an example of a false positive?

A. Anti-virus identifies a benign application as malware.

B. A biometric iris scanner rejects an authorized user wearing a new contact lens.

C. A user account is locked out after the user mistypes the password too many times.

D. The IDS does not identify a buffer overflow.

A

Anti-virus identifies a benign application as malware.

35
Q

Which of the following should be used when a business needs a block cipher with minimal key size for internal encryption?

A. AES

B. Blowfish

C. RC5

D. 3DES

A

Blowfish

36
Q

Digital signatures are used for ensuring which of the following items? (Select TWO).

A. Confidentiality

B. Integrity

C. Non-Repudiation

D. Availability

E. Algorithm strength

A

Integrity

Non-Repudiation

37
Q

A security administrator wants to check user password complexity. Which of the following is the BEST tool to use?

A. Password history

B. Password logging

C. Password cracker

D. Password hashing

A

Password cracker

38
Q

An organization processes credit card transactions and is concerned that an employee may intentionally email credit card numbers to external email addresses. This company should consider which of the following technologies?

A. IDS

B. Firewalls

C. DLP

D. IPS

A

DLP

39
Q

All of the following are valid cryptographic hash functions EXCEPT:

A. RIPEMD.

B. RC4.

C. SHA-512.

D. MD4.

A

RC4

40
Q

An administrator wants to establish a WiFi network using a high gain directional antenna with a narrow radiation pattern to connect two buildings separated by a very long distance. Which of the following antennas would be BEST for this situation?

A. Dipole

B. Yagi

C. Sector

D. Omni

A

Yagi

41
Q

Which of the following devices would be the MOST efficient way to filter external websites for staff on an internal network?

A. Protocol analyzer

B. Switch

C. Proxy

D. Router

A

Proxy

42
Q

A security administrator develops a web page and limits input into the fields on the web page as well as filters special characters in output. The administrator is trying to prevent which of the following attacks?

A. Spoofing

B. XSS

C. Fuzzing

D. Pharming

A

XSS

43
Q

Ann has recently transferred from the payroll department to engineering. While browsing file shares, Ann notices she can access the payroll status and pay rates of her new coworkers. Which of the following could prevent this scenario from occurring?

A. Credential management

B. Continuous monitoring

C. Separation of duties

D. User access reviews

A

User access reviews

44
Q

A forensic analyst is reviewing electronic evidence after a robbery. Security cameras installed at the site were facing the wrong direction to capture the incident. The analyst ensures the cameras are turned to face the proper direction. Which of the following types of controls is being used?

A. Detective

B. Deterrent

C. Corrective

D. Preventive

A

Corrective

45
Q

A network administrator has purchased two devices that will act as failovers for each other. Which of the following concepts does this BEST illustrate?

A. Authentication

B. Integrity

C. Confidentiality

D. Availability

A

Availability

46
Q

An administrator is looking to implement a security device which will be able to not only detect network intrusions at the organization level, but help defend against them as well. Which of the following is being described here?

A. NIDS

B. NIPS

C. HIPS

D. HIDS

A

NIPS

47
Q

Which of the following is characterized by an attacker attempting to map out an organization’s staff hierarchy in order to send targeted emails?

A. Whaling

B. Impersonation

C. Privilege escalation

D. Spear phishing

A

Whaling

48
Q

Which of the following offerings typically allows the customer to apply operating system patches?

A. Software as a service

B. Public Clouds

C. Cloud Based Storage

D. Infrastructure as a service

A

Infrastructure as a service

49
Q

Which of the following would a security administrator use to verify the integrity of a file?

A. Time stamp

B. MAC times

C. File descriptor

D. Hash

A

Hash

50
Q

Peter, an IT Administrator, needs to secure his server room. Which of the following mitigation methods would provide the MOST physical protection?

A. Sign in and sign out logs

B. Mantrap

C. Video surveillance

D. HVAC

A

Mantrap

51
Q

Which of the following represents a cryptographic solution where the encrypted stream cannot be captured by a sniffer without the integrity of the stream being compromised?

A. Elliptic curve cryptography.

B. Perfect forward secrecy.

C. Steganography.

D. Quantum cryptography.

A

Quantum cryptography.

52
Q

A new network administrator is setting up a new file server for the company. Which of the following would be the BEST way to manage folder security?

A. Assign users manually and perform regular user access reviews

B. Allow read only access to all folders and require users to request permission

C. Assign data owners to each folder and allow them to add individual users to each folder

D. Create security groups for each folder and assign appropriate users to each group

A

Create security groups for each folder and assign appropriate users to each group

53
Q

Vendors typically ship software applications with security settings disabled by default to ensure a wide range of interoperability with other applications and devices. A security administrator should perform which of the following before deploying new software?

A. Application white listing

B. Network penetration testing

C. Application hardening

D. Input fuzzing testing

A

Application hardening

54
Q

A security administrator discovered that all communication over the company’s encrypted wireless network is being captured by savvy employees with a wireless sniffing tool and is then being decrypted in an attempt to steal other employees’ credentials. Which of the following technologies is MOST likely in use on the company’s wireless?

A. WPA with TKIP

B. VPN over open wireless

C. WEP128-PSK

D. WPA2-Enterprise

A

WEP128-PSK

55
Q

A software developer utilizes cryptographic functions to generate codes that verify message integrity. Due to the nature of the data that is being sent back and forth from the client application to the server, the developer would like to change the cryptographic function to one that verifies both authentication and message integrity. Which of the following algorithms should the software developer utilize?

A. HMAC

B. SHA

C. Twofish

D. RIPEMD

A

RIPEMD

56
Q

A team of firewall administrators have access to a ‘master password list’ containing service account passwords. Which of the following BEST protects the master password list?

A. File encryption

B. Password hashing

C. USB encryption

D. Full disk encryption

A

File encryption

57
Q

Which of the following file systems is from Microsoft and was included with their earliest operating systems?

A. NTFS

B. UFS

C. MTFS

D. FAT

A

FAT

58
Q

The security administrator installed a newly generated SSL certificate onto the company web server. Due to a misconfiguration of the website, a downloadable file containing one of the pieces of the key was available to the public. It was verified that the disclosure did not require a reissue of the certificate. Which of the following was MOST likely compromised?

A. The file containing the recovery agent’s keys.

B. The file containing the public key.

C. The file containing the private key.

D. The file containing the server’s encrypted passwords.

A

The file containing the public key.

59
Q

Which of the following would Matt, a security administrator, use to encrypt transmissions from an internal database to an internal server, keeping in mind that the encryption process must add as little latency to the process as possible?

A. ECC

B. RSA

C. SHA

D. 3DES

A

3DES

60
Q

When designing a corporate NAC solution, which of the following is the MOST relevant integration issue?

A. Infrastructure time sync

B. End user mobility

C. 802.1X supplicant compatibility

D. Network Latency

E. Network Zoning

A

Network Latency

61
Q

The Chief Technology Officer (CTO) wants to improve security surrounding storage of customer passwords. The company currently stores passwords as SHA hashes. Which of the following can the CTO implement requiring the LEAST change to existing systems?

A. Smart cards

B. TOTP

C. Key stretching

D. Asymmetric keys

A

Smart cards

62
Q

The security administrator needs to manage traffic on a layer 3 device to support FTP from a new remote site. Which of the following would need to be implemented?

A. Implicit deny

B. VLAN management

C. Port security

D. Access control lists

A

Access control lists

63
Q

A Chief Information Security Officer (CISO) is tasked with outsourcing the analysis of security logs. These will need to still be reviewed on a regular basis to ensure the security of the company has not been breached. Which of the following cloud service options would support this requirement?

A. SaaS

B. MaaS

C. IaaS

D. PaaS

A

MaaS

64
Q

The Chief Technical Officer (CTO) has been informed of a potential fraud committed by a database administrator performing several other job functions within the company. Which of the following is the BEST method to prevent such activities in the future?

A. Job rotation

B. Separation of duties

C. Mandatory Vacations

D. Least Privilege

A

Separation of duties

65
Q

Emily, a security administrator, is noticing a slowdown in the wireless network response. Emily launches a wireless sniffer and sees a large number of ARP packets being sent to the AP. Which of the following types of attacks is underway?

A. IV attack

B. Interference

C. Blue jacking

D. Packet sniffing

A

IV attack

66
Q

Ann, the security administrator, wishes to implement multifactor security. Which of the following should be implemented in order to complement password usage and smart cards?

A. Hard tokens

B. Fingerprint readers

C. Swipe badge readers

D. Passphrases

A

Fingerprint readers

67
Q

A technician wants to secure communication to the corporate web portal, which is currently using HTTP. Which of the following is the FIRST step the technician should take?

A. Send the server’s public key to the CA

B. Install the CA certificate on the server

C. Import the certificate revocation list into the server

D. Generate a certificate request from the server

A

Generate a certificate request from the server

68
Q

Public key certificates and keys that are compromised or were issued fraudulently are listed on which of the following?

A. PKI

B. ACL

C. CA

D. CRL

A

CRL

69
Q

CompTIA Security+ Question C-69

Ann, a security administrator, wishes to replace their RADIUS authentication with a more secure protocol, which can utilize EAP. Which of the following would BEST fit her objective?

A. CHAP

B. SAML

C. Kerberos

D. Diameter

A

Diameter

70
Q

A security technician wishes to gather and analyze all Web traffic during a particular time period. Which of the following represents the BEST approach to gathering the required data?

A. Configure a VPN concentrator to log all traffic destined for ports 80 and 443.

B. Configure a proxy server to log all traffic destined for ports 80 and 443.

C. Configure a switch to log all traffic destined for ports 80 and 443.

D. Configure a NIDS to log all traffic destined for ports 80 and 443.

A

Configure a proxy server to log all traffic destined for ports 80 and 443.

71
Q

Which of the following are restricted to 64-bit block sizes? (Select TWO).

A. PGP

B. DES

C. AES256

D. RSA

E. 3DES

F. AES

A

DES

3DES

72
Q

Which of the following would a security administrator implement in order to identify a problem between two applications that are not communicating properly?

A. Protocol analyzer

B. Baseline report

C. Risk assessment

D. Vulnerability scan

A

Protocol analyzer

73
Q

Which of the following are examples of detective controls?

A. Biometrics, motion sensors and mantraps.

B. Audit, firewall, anti-virus and biometrics.

C. Motion sensors, intruder alarm and audit.

D. Intruder alarm, mantraps and firewall.

A

Motion sensors, intruder alarm and audit

74
Q

Ann, a sales manager, successfully connected her company-issued smartphone to the wireless network in her office without supplying a username/password combination. Upon disconnecting from the wireless network, she attempted to connect her personal tablet computer to the same wireless network and could not connect. Which of the following is MOST likely the reason?

A. The company wireless is using a MAC filter.

B. The company wireless has SSID broadcast disabled.

C. The company wireless is using WEP.

D. The company wireless is using WPA2.

A

The company wireless is using a MAC filter.

75
Q

Peter, the information security manager, is tasked with calculating risk and selecting controls to protect a new system. He has identified people, environmental conditions, and events that could affect the new system. Which of the following does he need to estimate NEXT in order to complete his risk calculations?

A. Vulnerabilities

B. Risk

C. Likelihood

D. Threats

A

Vulnerabilities

76
Q

Peter, the system administrator, is reviewing his disaster recovery plans. He wishes to limit the downtime in the event of a disaster, but does not have the budget approval to implement or maintain an offsite location that ensures 99.99% availability. Which of the following would be Peter’s BEST option?

A. Use hardware already at an offsite location and configure it to be quickly utilized.

B. Move the servers and data to another part of the company’s main campus from the server room.

C. Retain data back-ups on the main campus and establish redundant servers in a virtual environment.

D. Move the data back-ups to the offsite location, but retain the hardware on the main campus for redundancy.

A

Use hardware already at an offsite location and configure it to be quickly utilized.

77
Q

Identifying a list of all approved software on a system is a step in which of the following practices?

A. Passively testing security controls

B. Application hardening

C. Host software baselining

D. Client-side targeting

A

Host software baselining

78
Q

In intrusion detection system vernacular, which account is responsible for setting the security policy for an organization?

A. Supervisor

B. Administrator

C. Root

D. Director

A

Administrator

79
Q

Mike, a security professional, is tasked with actively verifying the strength of the security controls on a company’s live modem pool. Which of the following activities is MOST appropriate?

A. War dialing

B. War chalking

C. War driving

D. Bluesnarfing

A

War dialing

80
Q

An administrator finds that non-production servers are being frequently compromised, production servers are rebooting at unplanned times and kernel versions are several releases behind the version with all current security fixes. Which of the following should the administrator implement?

A. Snapshots

B. Sandboxing

C. Patch management

D. Intrusion detection system

A

Patch management

81
Q

In order to maintain oversight of a third party service provider, the company is going to implement a Governance, Risk, and Compliance (GRC) system. This system is promising to provide overall security posture coverage. Which of the following is the MOST important activity that should be considered?

A. Continuous security monitoring

B. Baseline configuration and host hardening

C. Service Level Agreement (SLA) monitoring

D. Security alerting and trending

A

Continuous security monitoring

82
Q

Users at a company report that a popular news website keeps taking them to a web page with derogatory content. This is an example of which of the following?

A. Evil twin

B. DNS poisoning

C. Vishing

D. Session hijacking

A

DNS poisoning

83
Q

Which of the following is an example of multifactor authentication?

A. Credit card and PIN

B. Username and password

C. Password and PIN

D. Fingerprint and retina scan

A

Credit card and PIN

84
Q

An administrator has concerns regarding the company’s server rooms. Proximity badge readers were installed, but it was discovered that this is not preventing unapproved personnel from tailgating into these areas. Which of the following would BEST address this concern?

A. Replace proximity readers with turn-based key locks

B. Install man-traps at each restricted area entrance

C. Configure alarms to alert security when the areas are accessed

D. Install monitoring cameras at each entrance

A

Install man-traps at each restricted area entrance

85
Q

A security administrator looking through IDS logs notices the following entry: (where email=joe@joe.com and passwd= ‘or 1==1’)
Which of the following attacks has the administrator discovered?

A. SQL injection

B. XML injection

C. Cross-site script

D. Header manipulation

A

SQL injection

86
Q

Users in the HR department were recently informed that they need to implement a user training and awareness program which is tailored to their department. Which of the following types of training would be the MOST appropriate for this department?

A. Handling PII

B. Risk mitigation

C. Input validation

D. Hashing

A

Handling PII

87
Q

A program displays:
ERROR: this program has caught an exception and will now terminate.
Which of the following is MOST likely accomplished by the program’s behavior?

A. Operating system’s integrity is maintained

B. Program’s availability is maintained

C. Operating system’s scalability is maintained

D. User’s confidentiality is maintained

A

Operating system’s integrity is maintained

88
Q

The information security technician wants to ensure security controls are deployed and functioning as intended to be able to maintain an appropriate security posture. Which of the following security techniques is MOST appropriate to do this?

A. Log audits

B. System hardening

C. Use IPS/IDS

D. Continuous security monitoring

A

Continuous security monitoring

89
Q

Matt, a security analyst, needs to implement encryption for company data and also prevent theft of company data. Where and how should Matt meet this requirement?

A. Matt should implement access control lists and turn on EFS.

B. Matt should implement DLP and encrypt the company database.

C. Matt should install Truecrypt and encrypt the company server.

D. Matt should install TPMs and encrypt the company database.

A

Matt should implement DLP and encrypt the company database.

90
Q

Which of the following defines a business goal for system restoration and acceptable data loss?

A. MTTR

B. MTBF

C. RPO

D. Warm site

A

RPO

91
Q

A systems engineer has been presented with storage performance and redundancy requirements for a new system to be built for the company. The storage solution must be designed to support the highest performance and must also be able to support more than one drive failure. Which of the following should the engineer choose to meet these requirements?

A. A mirrored striped array with parity

B. A mirrored mirror array

C. A striped array

D. A striped array with parity

A

A mirrored mirror array

92
Q

Which of the following BEST explains the use of an HSM within the company servers?

A. Thumb drives present a significant threat which is mitigated by HSM.

B. Software encryption can perform multiple functions required by HSM.

C. Data loss by removable media can be prevented with DLP.

D. Hardware encryption is faster than software encryption.

A

Hardware encryption is faster than software encryption.

93
Q

The public key is used to perform which of the following? (Select THREE).

A. Validate the CRL

B. Validate the identity of an email sender

C. Encrypt messages

D. Perform key recovery

E. Decrypt messages

F. Perform key escrow

A

Validate the identity of an email sender

Encrypt messages

Decrypt messages

94
Q

Emily, an employee, tethers her smartphone to her work PC to bypass the corporate web security gateway while connected to the LAN. While Emily is out at lunch her PC is compromised via the tethered connection and corporate data is stolen. Which of the following would BEST prevent this from occurring again?

A. Disable the wireless access and implement strict router ACLs.

B. Reduce restrictions on the corporate web security gateway.

C. Security policy and threat awareness training.

D. Perform user rights and permissions reviews.

A

Security policy and threat awareness training.

95
Q

Which of the following is used to verify data integrity?

A. SHA

B. 3DES

C. AES

D. RSA

A

SHA

96
Q

Peter, the security engineer, would like to prevent wireless attacks on his network. Peter has implemented a security control to limit the connecting MAC addresses to a single port. Which of the following wireless attacks would this address?

A. Interference

B. Man-in-the-middle

C. ARP poisoning

D. Rogue access point

A

Rogue access point

97
Q

Ann, the system administrator, is installing an extremely critical system that can support ZERO downtime. Which of the following BEST describes the type of system Ann is installing?

A. High availability

B. Clustered

C. RAID

D. Load balanced

A

High availability

98
Q

Company XYZ has encountered an increased amount of buffer overflow attacks. The programmer has been tasked to identify the issue and report any findings. Which of the following is the FIRST step of action recommended in this scenario?

A. Baseline Reporting

B. Capability Maturity Model

C. Code Review

D. Quality Assurance and Testing

A

Code Review

99
Q

Ann is an employee in the accounting department and would like to work on files from her home computer. She recently heard about a new personal cloud storage service with an easy web interface. Before uploading her work related files into the cloud for access, which of the following is the MOST important security concern Ann should be aware of?

A. Size of the files

B. Availability of the files

C. Accessibility of the files from her mobile device

D. Sensitivity of the files

A

Sensitivity of the files

100
Q

Peter needs to open ports on the firewall to allow for secure transmission of files. Which of the following ports should be opened on the firewall?

A. TCP 23

B. UDP 69

C. TCP 22

D. TCP 21

A

TCP 22