Deck E Flashcards
Which of the following documents outlines the technical and security requirements of an agreement between organizations?
A. BPA
B. RFQ
C. ISA
D. RFC
ISA
Which of the following controls can be implemented together to prevent data loss in the event of theft of a mobile device storing sensitive information? (Select TWO).
A. Full device encryption
B. Screen locks
C. GPS
D. Asset tracking
E. Inventory control
Full device encryption
Screen locks
Which of the following can BEST help prevent cross-site scripting attacks and buffer overflows on a production system?
A. Input validation
B. Network intrusion detection system
C. Anomaly-based HIDS
D. Peer review
Input validation
Matt, an administrator, notices a flood of fragmented packets and retransmits from an email server.
After disabling the TCP offload setting on the NIC, Matt sees normal traffic with packets flowing in sequence again. Which of the following utilities was he MOST likely using to view this issue?
A. Spam filter
B. Protocol analyzer
C. Web application firewall
D. Load balancer
Protocol analyzer
Company A submitted a bid on a contract to do work for Company B via email. Company B was insistent that the bid did not come from Company A. Which of the following would have assured that the bid was submitted by Company A?
A. Steganography
B. Hashing
C. Encryption
D. Digital Signatures
Digital Signatures
After Ann, a user, logs into her banking website, she has access to her financial institution's mortgage, credit card, and brokerage websites as well. Which of the following is being described?
A. Trusted OS
B. Mandatory access control
C. Separation of duties
D. Single sign-on
Single sign-on
An organization must implement controls to protect the confidentiality of its most sensitive data. The company is currently using a central storage system and group based access control for its sensitive information. Which of the following controls can further secure the data in the central storage system?
A. Data encryption
B. Patching the system
C. Digital signatures
D. File hashing
Data encryption
Results from a vulnerability analysis indicate that all enabled virtual terminals on a router can be accessed using the same password. The company’s network device security policy mandates that at least one virtual terminal have a different password than the other virtual terminals. Which of the following sets of commands would meet this requirement?
A. line vty 0 6 P@s5W0Rd password line vty 7 Qwer++!Y password
B. line console 0 password password line vty 0 4 password P@s5W0Rd
C. line vty 0 3 password Qwer++!Y line vty 4 password P@s5W0Rd
D. line vty 0 3 password Qwer++!Y line console 0 password P@s5W0Rd
line vty 0 3 password Qwer++!Y line vty 4 password P@s5W0Rd
Use of group accounts should be minimized to ensure which of the following?
A. Password security
B. Regular auditing
C. Baseline management
D. Individual accountability
Individual accountability
The common method of breaking larger network address space into smaller networks is known as:
A. subnetting.
B. phishing.
C. virtualization.
D. packet filtering.
subnetting
Which of the following is described as an attack against an application using a malicious file?
A. Client side attack
B. Spam
C. Impersonation attack
D. Phishing attack
Client side attack
Which of the following BEST describes the type of attack that is occurring? (Select TWO).
A. DNS spoofing
B. Man-in-the-middle
C. Backdoor
D. Replay
E. ARP attack
F. Spear phishing
G. Xmas attack
DNS spoofing
Spear phishing
Which of the following would BEST be used to calculate the expected loss of an event, if the likelihood of an event occurring is known? (Select TWO).
A. DAC
B. ALE
C. SLE
D. ARO
E. ROI
ALE
SLE
A recent review of accounts on various systems has found that after employees’ passwords are required to change they are recycling the same password as before. Which of the following policies should be enforced to prevent this from happening? (Select TWO).
A. Reverse encryption
B. Minimum password age
C. Password complexity
D. Account lockouts
E. Password history
F. Password expiration
Minimum password age
Password history
Which of the following network devices is used to analyze traffic between various network interfaces?
A. Proxies
B. Firewalls
C. Content inspection
D. Sniffers
Sniffers
In order for network monitoring to work properly, you need a PC and a network card running in what mode?
A. Launch
B. Exposed
C. Promiscuous
D. Sweep
Promiscuous
An information bank has been established to store contacts, phone numbers and other records.
An application running on UNIX would like to connect to this index server using port 88. Which of the following authentication services uses this port by default?
A. Kerberos
B. TACACS+
C. Radius
D. LDAP
Kerberos
The Chief Security Officer (CSO) is contacted by a first responder. The CSO assigns a handler. Which of the following is occurring?
A. Unannounced audit response
B. Incident response process
C. Business continuity planning
D. Unified threat management
E. Disaster recovery process
Incident response process
Several users’ computers are no longer responding normally and are sending out spam email to the users’ entire contact lists. This is an example of which of the following?
A. Trojan virus
B. Botnet
C. Worm outbreak
D. Logic bomb
Worm outbreak
A security engineer, Peter, has been asked to create a secure connection between his mail server and the mail server of a business partner. Which of the following protocols would be MOST appropriate?
A. HTTPS
B. SSH
C. FTP
D. TLS
TLS
The Chief Risk Officer is concerned about the new employee BYOD device policy and has requested that the security department implement mobile security controls to protect corporate data in the event that a device is lost or stolen. The level of protection must not be compromised even if the communication SIM is removed from the device. Which of the following BEST meets the requirements? (Select TWO)
A. Asset tracking
B. Screen-locks
C. GEO-Tracking
D. Device encryption
Asset tracking
Device encryption
During the information gathering stage of deploying a role-based access control model, which of the following information is MOST likely required?
A. Conditional rules under which certain systems may be accessed
B. Matrix of job titles with required access privileges
C. Clearance levels of all company personnel
D. Normal hours of business operation
Matrix of job titles with required access privileges
Several departments in a corporation have a critical need for routinely moving data from one system to another using removable storage devices. Senior management is concerned with data loss and the introduction of malware on the network. Which of the following choices BEST mitigates the range of risks associated with the continued use of removable storage devices?
A. Remote wiping enabled for all removable storage devices
B. Full-disk encryption enabled for all removable storage devices
C. A well defined acceptable use policy
D. A policy which details controls on removable storage use
A policy which details controls on removable storage use
Emily, the Chief Security Officer (CSO), has had four security breaches during the past two years.
Each breach has cost the company $3,000. A third party vendor has offered to repair the security hole in the system for $25,000. The breached system is scheduled to be replaced in five years.
Which of the following should Emily do to address the risk?
A. Accept the risk saving $10,000.
B. Ignore the risk saving $5,000.
C. Mitigate the risk saving $10,000.
D. Transfer the risk saving $5,000.
Transfer the risk saving $5,000.
Which of the following protocols is used to authenticate the client and server’s digital certificate?
A. PEAP
B. DNS
C. TLS
D. ICMP
TLS
A company is starting to allow employees to use their own personal devices without centralized management. Employees must contact IT to have their devices configured to use corporate email; access is also available to the corporate cloud-based services. Which of the following is the BEST policy to implement under these circumstances?
A. Acceptable use policy
B. Security policy
C. Group policy
D. Business Agreement policy
Acceptable use policy
Which of the following is true about the CRL?
A. It should be kept public
B. It signs other keys
C. It must be kept secret
D. It must be encrypted
It should be kept public
Which of the following would a security administrator implement in order to discover comprehensive security threats on a network?
A. Design reviews
B. Baseline reporting
C. Vulnerability scan
D. Code review
Vulnerability scan
An insurance company requires an account recovery process so that information created by an employee can be accessed after that employee is no longer with the firm. Which of the following is the BEST approach to implement this process?
A. Employee is required to share their password with authorized staff prior to leaving the firm
B. Passwords are stored in a reversible form so that they can be recovered when needed
C. Authorized employees have the ability to reset passwords so that the data is accessible
D. All employee data is exported and imported by the employee prior to them leaving the firm
Authorized employees have the ability to reset passwords so that the data is accessible
A security administrator is concerned about the strength of users’ passwords. The company does not want to implement a password complexity policy. Which of the following can the security administrator implement to mitigate the risk of an online password attack against users with weak passwords?
A. Increase the password length requirements
B. Increase the password history
C. Shorten the password expiration period
D. Decrease the account lockout time
Shorten the password expiration period
Jane, a security administrator, has been tasked with explaining authentication services to the company’s management team. The company runs an active directory infrastructure. Which of the following solutions BEST relates to the host authentication protocol within the company’s environment?
A. Kerberos
B. Least privilege
C. TACACS+
D. LDAP
Kerberos
Which of the following should Peter, a security manager, implement to reduce the risk of employees working in collusion to embezzle funds from their company?
A. Privacy Policy
B. Least Privilege
C. Acceptable Use
D. Mandatory Vacations
Mandatory Vacations
A company is concerned that a compromised certificate may result in a man-in-the-middle attack against backend financial servers. In order to minimize the amount of time a compromised certificate would be accepted by other servers, the company decides to add another validation step to SSL/TLS connections. Which of the following technologies provides the FASTEST revocation capability?
A. Online Certificate Status Protocol (OCSP)
B. Public Key Cryptography (PKI)
C. Certificate Revocation Lists (CRL)
D. Intermediate Certificate Authority (CA)
Online Certificate Status Protocol (OCSP)
The security manager wants to unify the storage of credentials, phone numbers, office numbers, and address information into one system. Which of the following is a system that will support the requirement on its own?
A. LDAP
B. SAML
C. TACACS
D. RADIUS
LDAP
Which of the following functions provides an output which cannot be reversed and converts data into a string of characters?
A. Hashing
B. Stream ciphers
C. Steganography
D. Block ciphers
Hashing
Separation of duties is often implemented between developers and administrators in order to separate which of the following?
A. More experienced employees from less experienced employees
B. Changes to program code and the ability to deploy to production
C. Upper level management users from standard development employees
D. The network access layer from the application access layer
Changes to program code and the ability to deploy to production
The call center supervisor has reported that many employees have been playing preinstalled games on company computers and this is reducing productivity.
Which of the following would be MOST effective for preventing this behavior?
A. Acceptable use policies
B. Host-based firewalls
C. Content inspection
D. Application whitelisting
Application whitelisting
Which of the following is a BEST practice when dealing with user accounts that will only need to be active for a limited time period?
A. When creating the account, set the account to not remember password history.
B. When creating the account, set an expiration date on the account.
C. When creating the account, set a password expiration date on the account.
D. When creating the account, set the account to have time of day restrictions.
When creating the account, set an expiration date on the account.
Company XYZ recently salvaged company laptops and removed all hard drives, but the Chief Information Officer (CIO) is concerned about disclosure of confidential information. Which of the following is the MOST secure method to dispose of these hard drives?
A. Degaussing
B. Physical Destruction
C. Lock up hard drives in a secure safe
D. Wipe
Physical Destruction
Which of the following utilities can be used in Linux to view a list of users’ failed authentication attempts?
A. badlog
B. faillog
C. wronglog
D. killlog
faillog
Which of the following means of wireless authentication is easily vulnerable to spoofing?
A. MAC Filtering
B. WPA – LEAP
C. WPA – PEAP
D. Enabled SSID
MAC Filtering
A security administrator implements access controls based on the security classification of the data and need-to-know information. Which of the following BEST describes this level of access control?
A. Implicit deny
B. Role-based Access Control
C. Mandatory Access Controls
D. Least privilege
Mandatory Access Controls
A security analyst has been notified that trade secrets are being leaked from one of the executives in the corporation. When reviewing this executive’s laptop they notice several pictures of the employee’s pets are on the hard drive and on a cloud storage network. When the analyst hashes the images on the hard drive against the hashes on the cloud network they do not match.
Which of the following describes how the employee is leaking these secrets?
A. Social engineering
B. Steganography
C. Hashing
D. Digital signatures
Steganography
An organization does not want the wireless network name to be easily discovered. Which of the following software features should be configured on the access points?
A. SSID broadcast
B. MAC filter
C. WPA2
D. Antenna placement
SSID broadcast
Peter, a security administrator, is concerned with users tailgating into the restricted areas. Given a limited budget, which of the following would BEST assist Peter with detecting this activity?
A. Place a full-time guard at the entrance to confirm user identity.
B. Install a camera and DVR at the entrance to monitor access.
C. Revoke all proximity badge access to make users justify access.
D. Install a motion detector near the entrance.
Install a camera and DVR at the entrance to monitor access.
An administrator needs to secure RADIUS traffic between two servers. Which of the following is the BEST solution?
A. Require IPSec with AH between the servers
B. Require the message-authenticator attribute for each message
C. Use MSCHAPv2 with MPPE instead of PAP
D. Require a long and complex shared secret for the servers
Require IPSec with AH between the servers
An organization has three divisions: Accounting, Sales, and Human Resources. Users in the Accounting division require access to a server in the Sales division, but no users in the Human Resources division should have access to resources in any other division, nor should any users in the Sales division have access to resources in the Accounting division. Which of the following network segmentation schemas would BEST meet this objective?
A. Create two VLANS, one for Accounting and Sales, and one for Human Resources.
B. Create one VLAN for the entire organization.
C. Create two VLANs, one for Sales and Human Resources, and one for Accounting.
D. Create three separate VLANS, one for each division.
Create three separate VLANS, one for each division.
A recent audit of a company’s identity management system shows that 30% of active accounts belong to people no longer with the firm. Which of the following should be performed to help avoid this scenario? (Select TWO).
A. Automatically disable accounts that have not been utilized for at least 10 days.
B. Utilize automated provisioning and de-provisioning processes where possible.
C. Request that employees provide a list of systems that they have access to prior to leaving the firm.
D. Perform regular user account review / revalidation process.
E. Implement a process where new account creations require management approval.
Utilize automated provisioning and de-provisioning processes where possible.
Perform regular user account review / revalidation process.
Which of the following application security testing techniques is implemented when an automated system generates random input data?
A. Fuzzing
B. XSRF
C. Hardening
D. Input validation
Fuzzing
Which of the following techniques enables a highly secured organization to assess security weaknesses in real time?
A. Access control lists
B. Continuous monitoring
C. Video surveillance
D. Baseline reporting
Continuous monitoring
The recovery agent is used to recover the:
A. Root certificate
B. Key in escrow
C. Public key
D. Private key
Private key
Which of the following attacks impact the availability of a system? (Select TWO).
A. Smurf
B. Phishing
C. Spam
D. DDoS
E. Spoofing
Smurf
DDoS
Which of the following risk mitigation strategies will allow Ann, a security analyst, to enforce least privilege principles?
A. User rights reviews
B. Incident management
C. Risk based controls
D. Annual loss expectancy
User rights reviews
While previously recommended as a security measure, disabling SSID broadcast is not effective against most attackers because network SSIDs are:
A. no longer used to authenticate to most wireless networks.
B. contained in certain wireless packets in plaintext.
C. contained in all wireless broadcast packets by default.
D. no longer supported in 802.11 protocols.
contained in certain wireless packets in plaintext.
A company has implemented PPTP as a VPN solution. Which of the following ports would need to be opened on the firewall in order for this VPN to function properly? (Select TWO).
A. UDP 1723
B. TCP 500
C. TCP 1723
D. UDP 47
E. TCP 47
TCP 1723
UDP 47
Which of the following application attacks is used to gain access to SEH?
A. Cookie stealing
B. Buffer overflow
C. Directory traversal
D. XML injection
Buffer overflow
An internal auditor is concerned with privilege creep that is associated with transfers inside the company. Which mitigation measure would detect and correct this?
A. User rights reviews
B. Least privilege and job rotation
C. Change management
D. Change Control
User rights reviews
A small company wants to employ PKI. The company wants a cost effective solution that must be simple and trusted. They are considering two options: X.509 and PGP. Which of the following would be the BEST option?
A. PGP, because it employs a web-of-trust that is the most trusted form of PKI.
B. PGP, because it is simple to incorporate into a small environment.
C. X.509, because it uses a hierarchical design that is the most trusted form of PKI.
D. X.509, because it is simple to incorporate into a small environment.
PGP, because it is simple to incorporate into a small environment.
Speaking a passphrase into a voice print analyzer is an example of which of the following security concepts?
A. Two factor authentication
B. Identification and authorization
C. Single sign-on
D. Single factor authentication
Two factor authentication
A database administrator contacts a security administrator to request firewall changes for a connection to a new internal application. The security administrator notices that the new application uses a port typically monopolized by a virus. The security administrator denies the request and suggests a new port or service be used to complete the application’s task. Which of the following is the security administrator practicing in this example?
A. Explicit deny
B. Port security
C. Access control lists
D. Implicit deny
Access control lists
Which of the following is a way to implement a technical control to mitigate data loss in case of a mobile device theft?
A. Disk encryption
B. Encryption policy
C. Solid state drive
D. Mobile device policy
Disk encryption
In the case of a major outage or business interruption, the security office has documented the expected loss of earnings, potential fines and potential consequence to customer service. Which of the following would include the MOST detail on these objectives?
A. Business Impact Analysis
B. IT Contingency Plan
C. Disaster Recovery Plan
D. Continuity of Operations
Business Impact Analysis
Which of the following types of trust models is used by a PKI?
A. Transitive
B. Open source
C. Decentralized
D. Centralized
Centralized
After a production outage, which of the following documents contains detailed information on the order in which the system should be restored to service?
A. Succession planning
B. Disaster recovery plan
C. Information security plan
D. Business impact analysis
Disaster recovery plan
A security administrator has installed a new KDC for the corporate environment. Which of the following authentication protocols is the security administrator planning to implement across the organization?
A. LDAP
B. RADIUS
C. Kerberos
D. XTACACS
Kerberos
An IT security technician needs to establish host based security for company workstations. Which of the following will BEST meet this requirement?
A. Implement IIS hardening by restricting service accounts.
B. Implement database hardening by applying vendor guidelines.
C. Implement perimeter firewall rules to restrict access.
D. Implement OS hardening by applying GPOs.
Implement OS hardening by applying GPOs.
Fuzzing is a security assessment technique that allows testers to analyze the behavior of software applications under which of the following conditions?
A. Unexpected input
B. Invalid output
C. Parameterized input
D. Valid output
Unexpected input
A network administrator, Peter, arrives at his new job to find that none of the users have changed their network passwords since they were initially hired. Peter wants to have everyone change their passwords immediately. Which of the following policies should be enforced to initiate a password change?
A. Password expiration
B. Password reuse
C. Password recovery
D. Password disablement
Password expiration
Which of the following is a common coding error in which boundary checking is not performed?
A. Input validation
B. Fuzzing
C. Secure coding
D. Cross-site scripting
Input validation
A security administrator must implement a system to allow clients to securely negotiate encryption keys with the company’s server over a public unencrypted communication channel.
Which of the following implements the required secure key negotiation? (Select TWO).
A. PBKDF2
B. Symmetric encryption
C. Steganography
D. ECDHE
E. Diffie-Hellman
ECDHE
Diffie-Hellman
A technician wants to implement a dual factor authentication system that will enable the organization to authorize access to sensitive systems on a need-to-know basis. Which of the following should be implemented during the authorization stage?
A. Biometrics
B. Mandatory access control
C. Single sign-on
D. Role-based access control
Biometrics
Ann is the data owner of financial records for a company. She has requested that she have the ability to assign read and write privileges to her folders. The network administrator is tasked with setting up the initial access control system and handing over Ann’s administrative capabilities. Which of the following systems should be deployed?
A. Role-based
B. Mandatory
C. Discretionary
D. Rule-based
Discretionary
Elastic cloud computing environments often reuse the same physical hardware for multiple customers over time as virtual machines are instantiated and deleted. This has important implications for which of the following data security concerns?
A. Hardware integrity
B. Data confidentiality
C. Availability of servers
D. Integrity of data
Data confidentiality
Peter needs to track employees who log into a confidential database and edit files. In the past, critical files have been edited, and no one admits to making the edits. Which of the following does Peter need to implement in order to enforce accountability?
A. Non-repudiation
B. Fault tolerance
C. Hashing
D. Redundancy
Hashing
Methods to test the responses of software and web applications to unusual or unexpected inputs are known as:
A. Brute force.
B. HTML encoding.
C. Web crawling.
D. Fuzzing.
Fuzzing
Peter must send Ann a message and provide Ann with assurance that he was the actual sender. Which of the following will Peter need to use to BEST accomplish the objective?
A. A pre-shared private key
B. His private key
C. Ann’s public key
D. His public key
His private key
Which of the following can be implemented in hardware or software to protect a web server from cross-site scripting attacks?
A. Intrusion Detection System
B. Flood Guard Protection
C. Web Application Firewall
D. URL Content Filter
Web Application Firewall
Which of the following types of security services are used to support authentication for remote users and devices?
A. Biometrics
B. HSM
C. RADIUS
D. TACACS
RADIUS
Which of the following types of wireless attacks would be used specifically to impersonate another WAP in order to gain unauthorized information from mobile users?
A. IV attack
B. Evil twin
C. War driving
D. Rogue access point
Evil twin
An administrator implements SELinux on a production web server. After implementing this, the web server no longer serves up files from users’ home directories. To rectify this, the administrator creates a new policy as the root user. This is an example of which of the following? (Select TWO).
A. Enforcing SELinux in the OS kernel is role-based access control
B. Enforcing SELinux in the OS kernel is rule-based access control
C. The policy added by the root user is mandatory access control
D. Enforcing SELinux in the OS kernel is mandatory access control
E. The policy added by the root user is role-based access control
F. The policy added by the root user is rule-based access control
Enforcing SELinux in the OS kernel is mandatory access control
The policy added by the root user is rule-based access control
An employee connects a wireless access point to the only jack in the conference room to provide Internet access during a meeting. The access point is configured to use WPA2-TKIP. A malicious user is able to intercept clear text HTTP communication between the meeting attendees and the Internet. Which of the following is the reason the malicious user is able to intercept and see the clear text communication?
A. The malicious user has access to the WPA2-TKIP key.
B. The wireless access point is broadcasting the SSID.
C. The malicious user is able to capture the wired communication.
D. The meeting attendees are using unencrypted hard drives.
The malicious user is able to capture the wired communication.
An internal auditing team would like to strengthen the password policy to support special characters. Which of the following types of password controls would achieve this goal?
A. Add reverse encryption
B. Password complexity
C. Increase password length
D. Allow single sign on
Password complexity
A security administrator must implement a system that will support and enforce the following file system access control model:
FILE NAME            SECURITY LABEL
Employees.doc        Confidential
Salary.xls           Confidential
OfficePhones.xls     Unclassified
PersonalPhones.xls   Restricted
Which of the following should the security administrator implement?
A. White and black listing
B. SCADA system
C. Trusted OS
D. Version control
Trusted OS
A user casually browsing the Internet is redirected to a warez site where a number of pop-ups appear. After clicking on a pop-up to complete a survey, a drive-by download occurs. Which of the following is MOST likely to be contained in the download?
A. Backdoor
B. Spyware
C. Logic bomb
D. DDoS
E. Smurf
Spyware
Which of the following security architecture elements also has sniffer functionality? (Select TWO).
A. HSM
B. IPS
C. SSL accelerator
D. WAP
E. IDS
IPS
IDS
Identifying residual risk is MOST important to which of the following concepts?
A. Risk deterrence
B. Risk acceptance
C. Risk mitigation
D. Risk avoidance
Risk acceptance
ABC company has a lot of contractors working for them. The provisioning team does not always get notified that a contractor has left the company. Which of the following policies would prevent contractors from having access to systems in the event a contractor has left?
A. Annual account review
B. Account expiration policy
C. Account lockout policy
D. Account disablement
Account expiration policy
Which of the following secure file transfer methods uses port 22 by default?
A. FTPS
B. SFTP
C. SSL
D. S/MIME
SFTP
RADIUS provides which of the following?
A. Authentication, Authorization, Availability
B. Authentication, Authorization, Auditing
C. Authentication, Accounting, Auditing
D. Authentication, Authorization, Accounting
Authentication, Authorization, Accounting
Upper management decides which risk to mitigate based on cost. This is an example of:
A. Qualitative risk assessment
B. Business impact analysis
C. Risk management framework
D. Quantitative risk assessment
Quantitative risk assessment
A security technician is attempting to access a wireless network protected with WEP. The technician does not know any information about the network. Which of the following should the technician do to gather information about the configuration of the wireless network?
A. Spoof the MAC address of an observed wireless network client
B. Ping the access point to discover the SSID of the network
C. Perform a dictionary attack on the access point to enumerate the WEP key
D. Capture client to access point disassociation packets to replay on the local PC’s loopback
Spoof the MAC address of an observed wireless network client
When creating a public / private key pair, for which of the following ciphers would a user need to specify the key strength?
A. SHA
B. AES
C. DES
D. RSA
RSA
Which of the following would provide the STRONGEST encryption?
A. Random one-time pad
B. DES with a 56-bit key
C. AES with a 256-bit key
D. RSA with a 1024-bit key
Random one-time pad
A security administrator must implement a wireless encryption system to secure mobile devices’ communication. Some users have mobile devices which only support 56-bit encryption. Which of the following wireless encryption methods should be implemented?
A. RC4
B. AES
C. MD5
D. TKIP
RC4
A technician is deploying virtual machines for multiple customers on a single physical host to reduce power consumption in a data center. Which of the following should be recommended to isolate the VMs from one another?
A. Implement a virtual firewall
B. Install HIPS on each VM
C. Virtual switches with VLANs
D. Develop a patch management guide
Virtual switches with VLANs
Various employees have lost valuable customer data due to hard drives failing in company-provided laptops. It has been discovered that the hard drives used in one model of laptop provided by the company have been recalled by the manufacturer. The help desk is only able to replace the hard drives after they fail because there are no centralized records of the model of laptop given to each specific user. Which of the following could have prevented this situation from occurring?
A. Data backups
B. Asset tracking
C. Support ownership
D. BYOD policies
Data backups