Deck C Flashcards
While setting up a secure wireless corporate network, which of the following should Peter, an administrator, avoid implementing?
A. EAP-TLS
B. PEAP
C. WEP
D. WPA
WEP
During a routine audit a web server is flagged for allowing the use of weak ciphers. Which of the following should be disabled to mitigate this risk? (Select TWO).
A. SSL 1.0
B. RC4
C. SSL 3.0
D. AES
E. DES
F. TLS 1.0
SSL 1.0
DES
All executive officers have changed their monitor location so it cannot be easily viewed when passing by their offices. Which of the following attacks does this action remediate?
A. Dumpster Diving
B. Impersonation
C. Shoulder Surfing
D. Whaling
Shoulder Surfing
An auditing team has found that passwords do not meet best business practices. Which of the following will MOST increase the security of the passwords? (Select TWO).
A. Password Complexity
B. Password Expiration
C. Password Age
D. Password Length
E. Password History
Password Complexity
Password Length
Which of the following security devices can be replicated on a Linux-based computer using iptables to inspect and properly handle network-based traffic?
A. Sniffer
B. Router
C. Firewall
D. Switch
Firewall
Which of the following BEST describes the weakness in WEP encryption?
A. The initialization vector of WEP uses a crack-able RC4 encryption algorithm. Once enough packets are captured an XOR operation can be performed and the asymmetric keys can be derived.
B. The WEP key is stored in plain text and split in portions across 224 packets of random data. Once enough packets are sniffed the IV portion of the packets can be removed leaving the plain text key.
C. The WEP key has a weak MD4 hashing algorithm used. A simple rainbow table can be used to generate key possibilities due to MD4 collisions.
D. The WEP key is stored with a very small pool of random numbers to make the cipher text. As the random numbers are often reused it becomes easy to derive the remaining WEP key.
The WEP key is stored with a very small pool of random numbers to make the cipher text. As the random numbers are often reused it becomes easy to derive the remaining WEP key.
Which of the following can be used on a smartphone to BEST protect against sensitive data loss if the device is stolen? (Select TWO).
A. Tethering
B. Screen lock PIN
C. Remote wipe
D. Email password
E. GPS tracking
F. Device encryption
Remote wipe
Device encryption
A security engineer is given new application extensions each month that need to be secured prior to implementation. They do not want the new extensions to invalidate or interfere with existing application security. Additionally, the engineer wants to ensure that the new requirements are approved by the appropriate personnel. Which of the following should be in place to meet these two goals? (Select TWO).
A. Patch Audit Policy
B. Change Control Policy
C. Incident Management Policy
D. Regression Testing Policy
E. Escalation Policy
F. Application Audit Policy
Change Control Policy
Regression Testing Policy
Which of the following technologies uses multiple devices to share work?
A. Switching
B. Load balancing
C. RAID
D. VPN concentrator
Load balancing
Which of the following would Peter, a security administrator, MOST likely implement in order to allow employees to have secure remote access to certain internal network services such as file servers?
A. Packet filtering firewall
B. VPN gateway
C. Switch
D. Router
VPN gateway
Peter has read and write access to his own home directory. Peter and Ann are collaborating on a project, and Peter would like to give Ann write access to one particular file in this home directory. Which of the following types of access control would this reflect?
A. Role-based access control
B. Rule-based access control
C. Mandatory access control
D. Discretionary access control
Discretionary access control
When performing the daily review of the system vulnerability scans of the network, Peter, the administrator, noticed several security-related vulnerabilities with an assigned vulnerability identification number. Peter researches the assigned vulnerability identification number from the vendor website. Peter proceeds with applying the recommended solution for the identified vulnerability. Which of the following is the type of vulnerability described?
A. Network based
B. IDS
C. Signature based
D. Host based
Signature based
Symmetric encryption utilizes __________, while asymmetric encryption utilizes _________.
A. Public keys, one time
B. Shared keys, private keys
C. Private keys, session keys
D. Private keys, public keys
Private keys, public keys
A company’s legacy server requires administration using Telnet. Which of the following protocols could be used to secure communication by offering encryption at a lower OSI layer? (Select TWO).
A. IPv6
B. SFTP
C. IPSec
D. SSH
E. IPv4
IPv6
IPSec
A supervisor in the human resources department has been given additional job duties in the accounting department. Part of their new duties will be to check the daily balance sheet calculations on spreadsheets that are restricted to the accounting group. In which of the following ways should the account be handled?
A. The supervisor should be allowed to have access to the spreadsheet files, and their membership in the human resources group should be terminated.
B. The supervisor should be removed from the human resources group and added to the accounting group.
C. The supervisor should be added to the accounting group while maintaining their membership in the human resources group.
D. The supervisor should only maintain membership in the human resources group.
The supervisor should be added to the accounting group while maintaining their membership in the human resources group.
Which of the following is an effective way to ensure the BEST temperature for all equipment within a datacenter?
A. Fire suppression
B. Raised floor implementation
C. EMI shielding
D. Hot or cool aisle containment
Hot or cool aisle containment
After a new firewall has been installed, devices cannot obtain a new IP address. Which of the following ports should Matt, the security administrator, open on the firewall?
A. 25
B. 68
C. 80
D. 443
68
Which of the following hardware based encryption devices is used as a part of multi-factor authentication to access a secured computing system?
A. Database encryption
B. USB encryption
C. Whole disk encryption
D. TPM
TPM
An attacker attempted to compromise a web form by inserting the following input into the username field: admin)(|(password=*)) Which of the following types of attacks was attempted?
A. SQL injection
B. Cross-site scripting
C. Command injection
D. LDAP injection
LDAP injection
Which of the following can be used to mitigate risk if a mobile device is lost?
A. Cable lock
B. Transport encryption
C. Voice encryption
D. Strong passwords
Strong passwords
Which of the following authentication services should be replaced with a more secure alternative?
A. RADIUS
B. TACACS
C. TACACS+
D. XTACACS
TACACS
After an audit, it was discovered that an account was not disabled in a timely manner after an employee has departed from the organization. Which of the following did the organization fail to properly implement?
A. Routine account audits
B. Account management processes
C. Change management processes
D. User rights and permission reviews
Routine account audits
Several employees submit the same phishing email to the administrator. The administrator finds that the links in the email are not being blocked by the company’s security device. Which of the following might the administrator do in the short term to prevent the emails from being received?
A. Configure an ACL
B. Implement a URL filter
C. Add the domain to a block list
D. Enable TLS on the mail server
Add the domain to a block list
Which of the following services are used to support authentication services for several local devices from a central location without the use of tokens?
A. TACACS+
B. Smartcards
C. Biometrics
D. Kerberos
TACACS+
Matt, a systems security engineer, is determining which credential-type authentication to use within a planned 802.1x deployment. He is looking for a method that does not require a client certificate, has a server side certificate, and uses TLS tunnels for encryption. Which credential type authentication method BEST fits these requirements?
A. EAP-TLS
B. EAP-FAST
C. PEAP-CHAP
D. PEAP-MSCHAPv2
PEAP-MSCHAPv2
Which of the following concepts describes the use of a one way transformation in order to validate the integrity of a program?
A. Hashing
B. Key escrow
C. Non-repudiation
D. Steganography
Hashing
Attempting to inject 50 alphanumeric keystrokes including spaces into an application input field that only expects four alpha characters is considered which of the following attacks?
A. XML injection
B. Buffer overflow
C. LDAP Injection
D. SQL injection
SQL injection
Although a vulnerability scan report shows no vulnerabilities have been discovered, a subsequent penetration test reveals vulnerabilities on the network. Which of the following has been reported by the vulnerability scan?
A. Passive scan
B. Active scan
C. False positive
D. False negative
False negative
Which of the following should be considered to mitigate data theft when using CAT5 wiring?
A. CCTV
B. Environmental monitoring
C. Multimode fiber
D. EMI shielding
EMI shielding
A security technician is attempting to improve the overall security posture of an internal mail server. Which of the following actions would BEST accomplish this goal?
A. Monitoring event logs daily
B. Disabling unnecessary services
C. Deploying a content filter on the network
D. Deploy an IDS on the network
Disabling unnecessary services
Peter, a technician at the local power plant, notices that several turbines had ramped up in cycles during the week. Further investigation by the system engineering team determined that a timed .exe file had been uploaded to the system control console during a visit by international contractors. Which of the following actions should Peter recommend?
A. Create a VLAN for the SCADA
B. Enable PKI for the MainFrame
C. Implement patch management
D. Implement stronger WPA2 Wireless
Create a VLAN for the SCADA
Which of the following would MOST likely involve GPS?
A. Wardriving
B. Protocol analyzer
C. Replay attack
D. WPS attack
Wardriving
A system administrator is notified by a staff member that their laptop has been lost. The laptop contains the user’s digital certificate. Which of the following will help resolve the issue? (Select TWO).
A. Revoke the digital certificate
B. Mark the key as private and import it
C. Restore the certificate using a CRL
D. Issue a new digital certificate
E. Restore the certificate using a recovery agent
Revoke the digital certificate
Issue a new digital certificate
Which of the following is an example of a false positive?
A. Anti-virus identifies a benign application as malware.
B. A biometric iris scanner rejects an authorized user wearing a new contact lens.
C. A user account is locked out after the user mistypes the password too many times.
D. The IDS does not identify a buffer overflow.
Anti-virus identifies a benign application as malware.
Which of the following should be used when a business needs a block cipher with minimal key size for internal encryption?
A. AES
B. Blowfish
C. RC5
D. 3DES
Blowfish
Digital signatures are used for ensuring which of the following items? (Select TWO).
A. Confidentiality
B. Integrity
C. Non-Repudiation
D. Availability
E. Algorithm strength
Integrity
Non-Repudiation
A security administrator wants to check user password complexity. Which of the following is the BEST tool to use?
A. Password history
B. Password logging
C. Password cracker
D. Password hashing
Password cracker
An organization processes credit card transactions and is concerned that an employee may intentionally email credit card numbers to external email addresses. This company should consider which of the following technologies?
A. IDS
B. Firewalls
C. DLP
D. IPS
DLP
All of the following are valid cryptographic hash functions EXCEPT:
A. RIPEMD.
B. RC4.
C. SHA-512.
D. MD4.
RC4
An administrator wants to establish a WiFi network using a high gain directional antenna with a narrow radiation pattern to connect two buildings separated by a very long distance. Which of the following antennas would be BEST for this situation?
A. Dipole
B. Yagi
C. Sector
D. Omni
Yagi