Deck C

Question 1

While setting up a secure wireless corporate network, which of the following should Peter, an administrator, avoid implementing?

A. EAP-TLS

B. PEAP

C. WEP

D. WPA

Answer 1

WEP

Question 2

During a routine audit a web server is flagged for allowing the use of weak ciphers. Which of the following should be disabled to mitigate this risk? (Select TWO).

A. SSL 1.0

B. RC4

C. SSL 3.0

D. AES

E. DES

F. TLS 1.0

Answer 2

SSL 1.0

DES

Question 3

All executive officers have changed their monitor location so it cannot be easily viewed when passing by their offices. Which of the following attacks does this action remediate?

A. Dumpster Diving

B. Impersonation

C. Shoulder Surfing

D. Whaling

Answer 3

Shoulder Surfing

Question 4

An auditing team has found that passwords do not meet best business practices. Which of the following will MOST increase the security of the passwords? (Select TWO).

A. Password Complexity

B. Password Expiration

C. Password Age

D. Password Length

E. Password History

Answer 4

Password Complexity

Password Length

Question 5

Which of the following security devices can be replicated on a Linux based computer using IP tables to inspect and properly handle network based traffic?

A. Sniffer

B. Router

C. Firewall

D. Switch

Answer 5

Firewall

Question 6

Which of the following BEST describes the weakness in WEP encryption?

A. The initialization vector of WEP uses a crack-able RC4 encryption algorithm. Once enough packets are captured an XOR operation can be performed and the asymmetric keys can be derived.

B. The WEP key is stored in plain text and split in portions across 224 packets of random data. Once enough packets are sniffed the IV portion of the packets can be removed leaving the plain text key.

C. The WEP key has a weak MD4 hashing algorithm used. A simple rainbow table can be used to generate key possibilities due to MD4 collisions.

D. The WEP key is stored with a very small pool of random numbers to make the cipher text. As the random numbers are often reused it becomes easy to derive the remaining WEP key.

Answer 6

The WEP key is stored with a very small pool of random numbers to make the cipher text. As the random numbers are often reused it becomes easy to derive the remaining WEP key.

Question 7

Which of the following can be used on a smartphone to BEST protect against sensitive data loss if the device is stolen? (Select TWO).

A. Tethering

B. Screen lock PIN

C. Remote wipe

D. Email password

E. GPS tracking

F. Device encryption

Answer 7

Remote wipe

Device encryption

Question 8

A security engineer is given new application extensions each month that need to be secured prior to implementation. They do not want the new extensions to invalidate or interfere with existing application security. Additionally, the engineer wants to ensure that the new requirements are approved by the appropriate personnel. Which of the following should be in place to meet these two goals? (Select TWO).

A. Patch Audit Policy

B. Change Control Policy

C. Incident Management Policy

D. Regression Testing Policy

E. Escalation Policy

F. Application Audit Policy

Answer 8

Change Control Policy

Regression Testing Policy

Question 9

Which of the following technologies uses multiple devices to share work?

A. Switching

B. Load balancing

C. RAID

D. VPN concentrator

Answer 9

Load balancing

Question 10

Which of the following would Peter, a security administrator, MOST likely implement in order to allow employees to have secure remote access to certain internal network services such as file servers?

A. Packet filtering firewall

B. VPN gateway

C. Switch

D. Router

Answer 10

VPN gateway

Question 11

Peter Has read and write access to his own home directory. Peter and Ann are collaborating on a project, and Peter would like to give Ann write access to one particular file in this home directory. Which of the following types of access control would this reflect?

A. Role-based access control

B. Rule-based access control

C. Mandatory access control

D. Discretionary access control

Answer 11

Discretionary access control

Question 12

When performing the daily review of the system vulnerability scans of the network Peter, the administrator, noticed several security related vulnerabilities with an assigned vulnerability identification number. Peter researches the assigned vulnerability identification number from the vendor website. Peter proceeds with applying the recommended solution for identified vulnerability.
Which of the following is the type of vulnerability described?

A. Network based

B. IDS

C. Signature based

D. Host based

Answer 12

Signature based

Question 13

Symmetric encryption utilizes __________, while asymmetric encryption utilizes _________.

A. Public keys, one time

B. Shared keys, private keys

C. Private keys, session keys

D. Private keys, public keys

Answer 13

Private keys, public keys

Question 14

A company’s legacy server requires administration using Telnet. Which of the following protocols could be used to secure communication by offering encryption at a lower OSI layer? (Select TWO).

A. IPv6

B. SFTP

C. IPSec

D. SSH

E. IPv4

Answer 14

IPv6

IPSec

Question 15

A supervisor in the human resources department has been given additional job duties in the accounting department. Part of their new duties will be to check the daily balance sheet calculations on spreadsheets that are restricted to the accounting group. In which of the following ways should the account be handled?

A. The supervisor should be allowed to have access to the spreadsheet files, and their membership in the human resources group should be terminated.

B. The supervisor should be removed from the human resources group and added to the accounting group.

C. The supervisor should be added to the accounting group while maintaining their membership in the human resources group.

D. The supervisor should only maintain membership in the human resources group.

Answer 15

The supervisor should be added to the accounting group while maintaining their membership in the human resources group.

Question 16

Which of the following is an effective way to ensure the BEST temperature for all equipment within a datacenter?

A. Fire suppression

B. Raised floor implementation

C. EMI shielding

D. Hot or cool aisle containment

Answer 16

Hot or cool aisle containment

Question 17

After a new firewall has been installed, devices cannot obtain a new IP address. Which of the following ports should Matt, the security administrator, open on the firewall?

A. 25

B. 68

C. 80

D. 443

Answer 17

68

Question 18

Which of the following hardware based encryption devices is used as a part of multi-factor authentication to access a secured computing system?

A. Database encryption

B. USB encryption

C. Whole disk encryption

D. TPM

Answer 18

TPM

Question 19

An attacker attempted to compromise a web form by inserting the following input into the username field: admin)(|(password=*)) Which of the following types of attacks was attempted?

A. SQL injection

B. Cross-site scripting

C. Command injection

D. LDAP injection

Answer 19

LDAP injection

Question 20

Which of the following can be used to mitigate risk if a mobile device is lost?

A. Cable lock

B. Transport encryption

C. Voice encryption

D. Strong passwords

Answer 20

Strong passwords

Question 21

Which of the following authentication services should be replaced with a more secure alternative?

A. RADIUS

B. TACACS

C. TACACS+

D. XTACACS

Answer 21

TACACS

Question 22

After an audit, it was discovered that an account was not disabled in a timely manner after an employee has departed from the organization. Which of the following did the organization fail to properly implement?

A. Routine account audits

B. Account management processes

C. Change management processes

D. User rights and permission reviews

Answer 22

Routing account audits

Question 23

Several employees submit the same phishing email to the administrator. The administrator finds that the links in the email are not being blocked by the company’s security device. Which of the following might the administrator do in the short term to prevent the emails from being received?

A. Configure an ACL

B. Implement a URL filter

C. Add the domain to a block list

D. Enable TLS on the mail server

Answer 23

Add the domain to a block list

Question 24

Which of the following services are used to support authentication services for several local devices from a central location without the use of tokens?

A. TACACS+

B. Smartcards

C. Biometrics

D. Kerberos

Answer 24

TACACS+

Question 25

Matt, a systems security engineer, is determining which credential-type authentication to use within a planned 802.1x deployment. He is looking for a method that does not require a client certificate, has a server side certificate, and uses TLS tunnels for encryption. Which credential type authentication method BEST fits these requirements?

A. EAP-TLS

B. EAP-FAST

C. PEAP-CHAP

D. PEAP-MSCHAPv2

Answer 25

PEAP-MSCHAPv2

Question 26

Which of the following concepts describes the use of a one way transformation in order to validate the integrity of a program?

A. Hashing

B. Key escrow

C. Non-repudiation

D. Steganography

Answer 26

Hashing

Question 27

Attempting to inject 50 alphanumeric key strokes including spaces into an application input field that only expects four alpha characters in considered which of the following attacks?

A. XML injection

B. Buffer overflow

C. LDAP Injection

D. SQL injection

Answer 27

SQL injection

Question 28

Although a vulnerability scan report shows no vulnerabilities have been discovered, a subsequent penetration test reveals vulnerabilities on the network. Which of the following has been reported by the vulnerability scan?

A. Passive scan

B. Active scan

C. False positive

D. False negative

Answer 28

False negative

Question 29

Which of the following should be considered to mitigate data theft when using CAT5 wiring?

A. CCTV

B. Environmental monitoring

C. Multimode fiber

D. EMI shielding

Answer 29

EMI shielding

Question 30

A security technician is attempting to improve the overall security posture of an internal mail server. Which of the following actions would BEST accomplish this goal?

A. Monitoring event logs daily

B. Disabling unnecessary services

C. Deploying a content filter on the network

D. Deploy an IDS on the network

Answer 30

Disabling unnecessary services

Question 31

Peter, a technician at the local power plant, notices that several turbines had ramp up in cycles during the week. Further investigation by the system engineering team determined that a timed .exe file had been uploaded to the system control console during a visit by international contractors. Which of the following actions should Peter recommend?

A. Create a VLAN for the SCADA

B. Enable PKI for the MainFrame

C. Implement patch management

D. Implement stronger WPA2 Wireless

Answer 31

Create a VLAN for the SCADA

Question 32

Which of the following would MOST likely involve GPS?

A. Wardriving

B. Protocol analyzer

C. Replay attack

D. WPS attack

Answer 32

Wardriving

Question 33

A system administrator is notified by a staff member that their laptop has been lost. The laptop contains the user’s digital certificate. Which of the following will help resolve the issue? (Select TWO).

A. Revoke the digital certificate

B. Mark the key as private and import it

C. Restore the certificate using a CRL

D. Issue a new digital certificate

E. Restore the certificate using a recovery agent

Answer 33

Revoke the digital certificate

Issue a new digital certificate

Question 34

Which of the following is an example of a false positive?

A. Anti-virus identifies a benign application as malware.

B. A biometric iris scanner rejects an authorized user wearing a new contact lens.

C. A user account is locked out after the user mistypes the password too many times.

D. The IDS does not identify a buffer overflow.

Answer 34

Anti-virus identifies a benign application as malware.

Question 35

Which of the following should be used when a business needs a block cipher with minimal key size for internal encryption?

A. AES

B. Blowfish

C. RC5

D. 3DES

Answer 35

Blowfish

Question 36

Digital signatures are used for ensuring which of the following items? (Select TWO).

A. Confidentiality

B. Integrity

C. Non-Repudiation

D. Availability

E. Algorithm strength

Answer 36

Integrity

Non-Repudiation

Question 37

A security administrator wants to check user password complexity. Which of the following is the
BEST tool to use?

A. Password history

B. Password logging

C. Password cracker

D. Password hashing

Answer 37

Password cracker

Question 38

An organization processes credit card transactions and is concerned that an employee may intentionally email credit card numbers to external email addresses. This company should consider which of the following technologies?

A. IDS

B. Firewalls

C. DLP

D. IPS

Answer 38

DLP

Question 39

All of the following are valid cryptographic hash functions EXCEPT:

A. RIPEMD.

B. RC4.

C. SHA-512.

D. MD4.

Answer 39

RC4

Question 40

An administrator wants to establish a WiFi network using a high gain directional antenna with a narrow radiation pattern to connect two buildings separated by a very long distance. Which of the following antennas would be BEST for this situation?

A. Dipole

B. Yagi

C. Sector

D. Omni

Answer 40

Yagi

Question 41

Which of the following devices would be the MOST efficient way to filter external websites for staff on an internal network?

A. Protocol analyzer

B. Switch

C. Proxy

D. Router

Answer 41

Proxy

Question 42

A security administrator develops a web page and limits input into the fields on the web page as well as filters special characters in output. The administrator is trying to prevent which of the following attacks?

A. Spoofing

B. XSS

C. Fuzzing

D. Pharming

Answer 42

XSS

Question 43

Ann has recently transferred from the payroll department to engineering. While browsing file shares, Ann notices she can access the payroll status and pay rates of her new coworkers. Which of the following could prevent this scenario from occurring?

A. Credential management

B. Continuous monitoring

C. Separation of duties

D. User access reviews

Answer 43

User access reviews

Question 44

A forensic analyst is reviewing electronic evidence after a robbery. Security cameras installed at the site were facing the wrong direction to capture the incident. The analyst ensures the cameras are turned to face the proper direction. Which of the following types of controls is being used?

A. Detective

B. Deterrent

C. Corrective

D. Preventive

Answer 44

Corrective

Question 45

A network administrator has purchased two devices that will act as failovers for each other. Which of the following concepts does this BEST illustrate?

A. Authentication

B. Integrity

C. Confidentiality

D. Availability

Answer 45

Availability

Question 46

An administrator is looking to implement a security device which will be able to not only detect network intrusions at the organization level, but help defend against them as well. Which of the following is being described here?

A. NIDS

B. NIPS

C. HIPS

D. HIDS

Answer 46

NIPS

Question 47

Which of the following is characterized by an attacker attempting to map out an organization’s staff hierarchy in order to send targeted emails?

A. Whaling

B. Impersonation

C. Privilege escalation

D. Spear phishing

Answer 47

Whaling

Question 48

Which of the following offerings typically allows the customer to apply operating system patches?

A. Software as a service

B. Public Clouds

C. Cloud Based Storage

D. Infrastructure as a service

Answer 48

Infrastructure as a service

Question 49

Which of the following would a security administrator use to verify the integrity of a file?

A. Time stamp

B. MAC times

C. File descriptor

D. Hash

Answer 49

Hash

Question 50

Peter, an IT Administrator, needs to secure his server room. Which of the following mitigation methods would provide the MOST physical protection?

A. Sign in and sign out logs

B. Mantrap

C. Video surveillance

D. HVAC

Answer 50

Mantrap

Question 51

Which of the following represents a cryptographic solution where the encrypted stream cannot be captured by a sniffer without the integrity of the stream being compromised?

A. Elliptic curve cryptography.

B. Perfect forward secrecy.

C. Steganography.

D. Quantum cryptography.

Answer 51

Quantum cryptography.

Question 52

A new network administrator is setting up a new file server for the company. Which of the following would be the BEST way to manage folder security?

A. Assign users manually and perform regular user access reviews

B. Allow read only access to all folders and require users to request permission

C. Assign data owners to each folder and allow them to add individual users to each folder

D. Create security groups for each folder and assign appropriate users to each group

Answer 52

Create security groups for each folder and assign appropriate users to each group

Question 53

Vendors typically ship software applications with security settings disabled by default to ensure a wide range of interoperability with other applications and devices. A security administrator should perform which of the following before deploying new software?

A. Application white listing

B. Network penetration testing

C. Application hardening

D. Input fuzzing testing

Answer 53

Application hardening

Question 54

A security administrator discovered that all communication over the company’s encrypted wireless network is being captured by savvy employees with a wireless sniffing tool and is then being decrypted in an attempt to steal other employee’s credentials. Which of the following technology is MOST likely in use on the company’s wireless?

A. WPA with TKIP

B. VPN over open wireless

C. WEP128-PSK

D. WPA2-Enterprise

Answer 54

WEP128-PSK

Question 55

A software developer utilizes cryptographic functions to generate codes that verify message integrity. Due to the nature if the data that is being sent back and forth from the client application to the server, the developer would like to change the cryptographic function to one that verities both authentication and message integrity. Which of the following algorithms should the software developer utilize?

A. HMAC

B. SHA

C. Two Fish

D. RIPEMD

Answer 55

RIPEMD

Question 56

A team of firewall administrators have access to a `master password list’ containing service account passwords. Which of the following BEST protects the master password list?

A. File encryption

B. Password hashing

C. USB encryption

D. Full disk encryption

Answer 56

File encryption

Question 57

Which of the following file systems is from Microsoft and was included with their earliest operating systems?

A. NTFS

B. UFS

C. MTFS

D. FAT

Answer 57

FAT

Question 58

The security administrator installed a newly generated SSL certificate onto the company web server. Due to a misconfiguration of the website, a downloadable file containing one of the pieces of the key was available to the public. It was verified that the disclosure did not require a reissue of the certificate. Which of the following was MOST likely compromised?

A. The file containing the recovery agent’s keys.

B. The file containing the public key.

C. The file containing the private key.

D. The file containing the server’s encrypted passwords.

Answer 58

The file containing the public key.

Question 59

Which of the following would Matt, a security administrator, use to encrypt transmissions from an internal database to an internal server, keeping in mind that the encryption process must add as little latency to the process as possible?

A. ECC

B. RSA

C. SHA

D. 3DES

Answer 59

3DES

Question 60

When designing a corporate NAC solution, which of the following is the MOST relevant integration issue?

A. Infrastructure time sync

B. End user mobility

C. 802.1X supplicant compatibility

D. Network Latency

E. Network Zoning

Answer 60

Network Latency

Question 61

The Chief Technology Officer (CTO) wants to improve security surrounding storage of customer passwords.
The company currently stores passwords as SHA hashes. Which of the following can the CTO implement requiring the LEAST change to existing systems?

A. Smart cards

B. TOTP

C. Key stretching

D. Asymmetric keys

Answer 61

Smart cards

Question 62

The security administrator needs to manage traffic on a layer 3 device to support FTP from a new remote site. Which of the following would need to be implemented?

A. Implicit deny

B. VLAN management

C. Port security

D. Access control lists

Answer 62

Access control lists

Question 63

A Chief Information Security Officer (CISO) is tasked with outsourcing the analysis of security logs. These will need to still be reviewed on a regular basis to ensure the security of the company has not been breached. Which of the following cloud service options would support this requirement?

A. SaaS

B. MaaS

C. IaaS

D. PaaS

Answer 63

MaaS

Question 64

The Chief Technical Officer (CTO) has been informed of a potential fraud committed by a database administrator performing several other job functions within the company. Which of the following is the BEST method to prevent such activities in the future?

A. Job rotation

B. Separation of duties

C. Mandatory Vacations

D. Least Privilege

Answer 64

Separation of duties

Question 65

Emily, a security administrator, is noticing a slow down in the wireless network response. Emily launches a wireless sniffer and sees a large number of ARP packets being sent to the AP. Which of the following type of attacks is underway?

A. IV attack

B. Interference

C. Blue jacking

D. Packet sniffing

Answer 65

IV attack

Question 66

Ann, the security administrator, wishes to implement multifactor security. Which of the following should be implemented in order to compliment password usage and smart cards?

A. Hard tokens

B. Fingerprint readers

C. Swipe badge readers

D. Passphrases

Answer 66

Fingerprint readers

Question 67

A technician wants to secure communication to the corporate web portal, which is currently using HTTP. Which of the following is the FIRST step the technician should take?

A. Send the server’s public key to the CA

B. Install the CA certificate on the server

C. Import the certificate revocation list into the server

D. Generate a certificate request from the server

Answer 67

Generate a certificate request from the server

Question 68

Public key certificates and keys that are compromised or were issued fraudulently are listed on which of the following?

A. PKI

B. ACL

C. CA

D. CRL

Answer 68

CRL

Question 69

CompTIA Security+ Question C-69

Ann, a security administrator, wishes to replace their RADIUS authentication with a more secure protocol, which can utilize EAP. Which of the following would BEST fit her objective?

A. CHAP

B. SAML

C. Kerberos

D. Diameter

Answer 69

Diameter

Question 70

A security technician wishes to gather and analyze all Web traffic during a particular time period.
Which of the following represents the BEST approach to gathering the required data?

A. Configure a VPN concentrator to log all traffic destined for ports 80 and 443.

B. Configure a proxy server to log all traffic destined for ports 80 and 443.

C. Configure a switch to log all traffic destined for ports 80 and 443.

D. Configure a NIDS to log all traffic destined for ports 80 and 443.

Answer 70

Configure a proxy server to log all traffic destined for ports 80 and 443.

Question 71

Which of the following are restricted to 64-bit block sizes? (Select TWO).

A. PGP

B. DES

C. AES256

D. RSA

E. 3DES

F. AES

Answer 71

DES

3DES

Question 72

Which of the following would a security administrator implement in order to identify a problem between two applications that are not communicating properly?

A. Protocol analyzer

B. Baseline report

C. Risk assessment

D. Vulnerability scan

Answer 72

Protocol analyzer

Question 73

Which of the following are examples of detective controls?

A. Biometrics, motion sensors and mantraps.

B. Audit, firewall, anti-virus and biometrics.

C. Motion sensors, intruder alarm and audit.

D. Intruder alarm, mantraps and firewall.

Answer 73

Motion sensors, intruder alarm and audit

Question 74

Ann, a sales manager, successfully connected her company-issued smartphone to the wireless network in her office without supplying a username/password combination. Upon disconnecting from the wireless network, she attempted to connect her personal tablet computer to the same wireless network and could not connect.
Which of the following is MOST likely the reason?

A. The company wireless is using a MAC filter.

B. The company wireless has SSID broadcast disabled.

C. The company wireless is using WEP.

D. The company wireless is using WPA2.

Answer 74

The company wireless is using a MAC filter.

Question 75

Peter, the information security manager, is tasked with calculating risk and selecting controls to protect a new system. He has identified people, environmental conditions, and events that could affect the new system. Which of the following does he need to estimate NEXT in order to complete his risk calculations?

A. Vulnerabilities

B. Risk

C. Likelihood

D. Threats

Answer 75

Vulnerabilities

Question 76

Peter, the system administrator, is reviewing his disaster recovery plans. He wishes to limit the downtime in the event of a disaster, but does not have the budget approval to implement or maintain an offsite location that ensures 99.99% availability. Which of the following would be Peter’s BEST option?

A. Use hardware already at an offsite location and configure it to be quickly utilized.

B. Move the servers and data to another part of the company’s main campus from the server room.

C. Retain data back-ups on the main campus and establish redundant servers in a virtual environment.

D. Move the data back-ups to the offsite location, but retain the hardware on the main campus for redundancy.

Answer 76

Use hardware already at an offsite location and configure it to be quickly utilized.

Question 77

Identifying a list of all approved software on a system is a step in which of the following practices?

A. Passively testing security controls

B. Application hardening

C. Host software baselining

D. Client-side targeting

Answer 77

Host software baselining

Question 78

In intrusion detection system vernacular, which account is responsible for setting the security policy for an organization?

A. Supervisor

B. Administrator

C. Root

D. Director

Answer 78

Administrator

Question 79

Mike, a security professional, is tasked with actively verifying the strength of the security controls on a company’s live modem pool. Which of the following activities is MOST appropriate?

A. War dialing

B. War chalking

C. War driving

D. Bluesnarfing

Answer 79

War dialing

Question 80

An administrator finds that non-production servers are being frequently compromised, production servers are rebooting at unplanned times and kernel versions are several releases behind the version with all current security fixes.
Which of the following should the administrator implement?

A. Snapshots

B. Sandboxing

C. Patch management

D. Intrusion detection system

Answer 80

Patch management

Question 81

In order to maintain oversight of a third party service provider, the company is going to implement a Governance, Risk, and Compliance (GRC) system. This system is promising to provide overall security posture coverage. Which of the following is the MOST important activity that should be considered?

A. Continuous security monitoring

B. Baseline configuration and host hardening

C. Service Level Agreement (SLA) monitoring

D. Security alerting and trending

Answer 81

Continuous security monitoring

Question 82

Users at a company report that a popular news website keeps taking them to a web page with derogatory content. This is an example of which of the following?

A. Evil twin

B. DNS poisoning

C. Vishing

D. Session hijacking

Answer 82

DNS poisoning

Question 83

Which of the following is an example of multifactor authentication?

A. Credit card and PIN

B. Username and password

C. Password and PIN

D. Fingerprint and retina scan

Answer 83

Credit card and PIN

Question 84

An administrator has concerns regarding the company’s server rooms Proximity badge readers were installed, but it is discovered this is not preventing unapproved personnel from tailgating into these area. Which of the following would BEST address this concern?

A. Replace proximity readers with turn0based key locks

B. Install man-traps at each restricted area entrance

C. Configure alarms to alert security when the areas are accessed

D. Install monitoring cameras at each entrance

Answer 84

Install man-traps at each restricted area entrance

Question 85

A security administrator looking through IDS logs notices the following entry: (where email=joe@joe.com and passwd= ‘or 1==1’)
Which of the following attacks had the administrator discovered?

A. SQL injection

B. XML injection

C. Cross-site script

D. Header manipulation

Answer 85

SQL injection

Question 86

Users in the HR department were recently informed that they need to implement a user training and awareness program which is tailored to their department. Which of the following types of training would be the MOST appropriate for this department?

A. Handing PII

B. Risk mitigation

C. Input validation

D. Hashing

Answer 86

Handing PII

Question 87

A program displays:
ERROR: this program has caught an exception and will now terminate.
Which of the following is MOST likely accomplished by the program’s behavior?

A. Operating system’s integrity is maintained

B. Program’s availability is maintained

C. Operating system’s scalability is maintained

D. User’s confidentiality is maintained

Answer 87

Operating system’s integrity is maintained

Question 88

The information security technician wants to ensure security controls are deployed and functioning as intended to be able to maintain an appropriate security posture. Which of the following security techniques is MOST appropriate to do this?

A. Log audits

B. System hardening

C. Use IPS/IDS

D. Continuous security monitoring

Answer 88

Continuous security monitoring

Question 89

Matt, a security analyst, needs to implement encryption for company data and also prevent theft of company data. Where and how should Matt meet this requirement?

A. Matt should implement access control lists and turn on EFS.

B. Matt should implement DLP and encrypt the company database.

C. Matt should install Truecrypt and encrypt the company server.

D. Matt should install TPMs and encrypt the company database.

Answer 89

Matt should implement DLP and encrypt the company database.

Question 90

Which of the following defines a business goal for system restoration and acceptable data loss?

A. MTTR

B. MTBF

C. RPO

D. Warm site

Answer 90

RPO

Question 91

A systems engineer has been presented with storage performance and redundancy requirements for a new system to be built for the company. The storage solution must be designed to support the highest performance and must also be able to support more than one drive failure. Which of the following should the engineer choose to meet these requirements?

A. A mirrored striped array with parity

B. A mirrored mirror array

C. A striped array

D. A striped array with parity

Answer 91

A mirrored mirror array

Question 92

Which of the following BEST explains the use of an HSM within the company servers?

A. Thumb drives present a significant threat which is mitigated by HSM.

B. Software encryption can perform multiple functions required by HSM.

C. Data loss by removable media can be prevented with DLP.

D. Hardware encryption is faster than software encryption.

Answer 92

Hardware encryption is faster than software encryption.

Question 93

The public key is used to perform which of the following? (Select THREE).

A. Validate the CRL

B. Validate the identity of an email sender

C. Encrypt messages

D. Perform key recovery

E. Decrypt messages

F. Perform key escrow

Answer 93

Validate the identity of an email sender

Encrypt messages

Decrypt messages

Question 94

Emily, an employee, tethers her smartphone to her work PC to bypass the corporate web security gateway while connected to the LAN. While Emily is out at lunch her PC is compromised via the tethered connection and corporate data is stolen. Which of the following would BEST prevent this from occurring again?

A. Disable the wireless access and implement strict router ACLs.

B. Reduce restrictions on the corporate web security gateway.

C. Security policy and threat awareness training.

D. Perform user rights and permissions reviews.

Answer 94

Security policy and threat awareness training.

Question 95

Which of the following is used to verify data integrity?

A. SHA

B. 3DES

C. AES

D. RSA

Answer 95

SHA

Question 96

Peter, the security engineer, would like to prevent wireless attacks on his network. Peter has implemented a security control to limit the connecting MAC addresses to a single port. Which of the following wireless attacks would this address?

A. Interference

B. Man-in-the-middle

C. ARP poisoning

D. Rogue access point

Answer 96

Rogue access point

Question 97

Ann, the system administrator, is installing an extremely critical system that can support ZERO downtime. Which of the following BEST describes the type of system Ann is installing?

A. High availability

B. Clustered

C. RAID

D. Load balanced

Answer 97

High availability

Question 98

Company XYZ has encountered an increased amount of buffer overflow attacks. The programmer has been tasked to identify the issue and report any findings. Which of the following is the FIRST step of action recommended in this scenario?

A. Baseline Reporting

B. Capability Maturity Model

C. Code Review

D. Quality Assurance and Testing

Answer 98

Code Review

Question 99

Ann is an employee in the accounting department and would like to work on files from her home computer. She recently heard about a new personal cloud storage service with an easy web interface. Before uploading her work related files into the cloud for access, which of the following is the MOST important security concern Ann should be aware of?

A. Size of the files

B. Availability of the files

C. Accessibility of the files from her mobile device

D. Sensitivity of the files

Answer 99

Sensitivity of the files

Question 100

Peter needs to open ports on the firewall to allow for secure transmission of files. Which of the following ports should be opened on the firewall?

A. TCP 23

B. UDP 69

C. TCP 22

D. TCP 21

Answer 100

TCP 22