Deck G Flashcards

1
Q

Which of the following authentication methods can use the SCTP and TLS protocols for reliable packet transmissions?

A. TACACS+

B. SAML

C. Diameter

D. Kerberos

A

Diameter

2
Q

Which of the following BEST describes using a smart card and typing in a PIN to gain access to a system?

A. Biometrics

B. PKI

C. Single factor authentication

D. Multifactor authentication

A

Multifactor authentication

3
Q

It has been discovered that students are using kiosk tablets intended for registration and scheduling to play games and utilize instant messaging. Which of the following could BEST eliminate this issue?

A. Device encryption

B. Application control

C. Content filtering

D. Screen-locks

A

Application control

4
Q

After an assessment, auditors recommended that an application hosting company should contract with additional data providers for redundant high speed Internet connections. Which of the following is MOST likely the reason for this recommendation? (Select TWO).

A. To allow load balancing for cloud support

B. To allow for business continuity if one provider goes out of business

C. To eliminate a single point of failure

D. To allow for a hot site in case of disaster

E. To improve intranet communication speeds

A

To allow for business continuity if one provider goes out of business

To eliminate a single point of failure

5
Q

The librarian wants to secure the public Internet kiosk PCs at the back of the library. Which of the following would be the MOST appropriate? (Select TWO).

A. Device encryption

B. Antivirus

C. Privacy screen

D. Cable locks

E. Remote wipe

A

Antivirus

Cable locks

6
Q

A periodic update that corrects problems in one version of a product is called a

A. Hotfix

B. Overhaul

C. Service pack

D. Security update

A

Service pack

7
Q

Peter, the Chief Technical Officer (CTO), is concerned about new malware being introduced into the corporate network. He has tasked the security engineers to implement a technology that is capable of alerting the team when unusual traffic is on the network. Which of the following types of technologies will BEST address this scenario?

A. Application Firewall

B. Anomaly Based IDS

C. Proxy Firewall

D. Signature IDS

A

Anomaly Based IDS

8
Q

Which of the following is the primary security concern when deploying a mobile device on a network?

A. Strong authentication

B. Interoperability

C. Data security

D. Cloud storage technique

A

Data security

9
Q

Which of the following is a best practice for error and exception handling?

A. Log detailed exception but display generic error message

B. Display detailed exception but log generic error message

C. Log and display detailed error and exception messages

D. Do not log or display error or exception messages

A

Log detailed exception but display generic error message

10
Q

A company replaces a number of devices with a mobile appliance, combining several functions.
Which of the following descriptions fits this new implementation? (Select TWO).

A. Cloud computing

B. Virtualization

C. All-in-one device

D. Load balancing

E. Single point of failure

A

All-in-one device

Single point of failure

11
Q

An organization’s security policy requires that users change passwords every 30 days. After a security audit, it was determined that users were recycling previously used passwords. Which of the following password enforcement policies would have mitigated this issue?

A. Password history

B. Password complexity

C. Password length

D. Password expiration

A

Password history

12
Q

A network technician is on the phone with the system administration team. Power to the server room was lost and servers need to be restarted. The DNS services must be the first to be restarted. Several machines are powered off. Assuming each server only provides one service, which of the following should be powered on FIRST to establish DNS services?

A. Bind server

B. Apache server

C. Exchange server

D. RADIUS server

A

Bind server

13
Q

An administrator discovers that many users have used their same passwords for years even though the network requires that the passwords be changed every six weeks. Which of the following, when used together, would BEST prevent users from reusing their existing password? (Select TWO).

A. Length of password

B. Password history

C. Minimum password age

D. Password expiration

E. Password complexity

F. Non-dictionary words

A

Password history

Minimum password age

14
Q

Key cards at a bank are not tied to individuals, but rather to organizational roles. After a break in, it becomes apparent that extra efforts must be taken to successfully pinpoint who exactly enters secure areas. Which of the following security measures can be put in place to mitigate the issue until a new key card system can be installed?

A. Bollards

B. Video surveillance

C. Proximity readers

D. Fencing

A

Video surveillance

15
Q

Ann, a security administrator, has concerns regarding her company’s wireless network. The network is open and available for visiting prospective clients in the conference room, but she notices that many more devices are connecting to the network than should be.
Which of the following would BEST alleviate Ann’s concerns with minimum disturbance of current functionality for clients?

A. Enable MAC filtering on the wireless access point.

B. Configure WPA2 encryption on the wireless access point.

C. Lower the antenna’s broadcasting power.

D. Disable SSID broadcasting.

A

Lower the antenna’s broadcasting power.

16
Q

When reviewing a digital certificate for accuracy, which of the following would Matt, a security administrator, focus on to determine who affirms the identity of the certificate owner?

A. Trust models

B. CRL

C. CA

D. Recovery agent

A

CA

17
Q

A large corporation has data centers geographically distributed across multiple continents. The company needs to securely transfer large amounts of data between the data centers. The data transfer can be accomplished physically or electronically, but must prevent eavesdropping while the data is in transit. Which of the following represents the BEST cryptographic solution?

A. Driving a van full of Micro SD cards from data center to data center to transfer data

B. Exchanging VPN keys between each data center via an SSL connection and transferring the data in the VPN

C. Using a courier to deliver symmetric VPN keys to each data center and transferring data in the VPN

D. Using PKI to encrypt each file and transferring them via an Internet based FTP or cloud server

A

Exchanging VPN keys between each data center via an SSL connection and transferring the data in the VPN

18
Q

A company plans to expand by hiring new engineers who work in highly specialized areas. Each engineer will have very different job requirements and use unique tools and applications in their job. Which of the following is MOST appropriate to use?

A. Role-based privileges

B. Credential management

C. User assigned privileges

D. User access

A

Role-based privileges

19
Q

A security administrator must implement a secure key exchange protocol that will allow company clients to autonomously exchange symmetric encryption keys over an unencrypted channel. Which of the following MUST be implemented?

A. SHA-256

B. AES

C. Diffie-Hellman

D. 3DES

A

Diffie-Hellman

20
Q

A company has purchased an application that integrates into their enterprise user directory for account authentication. Users are still prompted to type in their usernames and passwords. Which of the following types of authentication is being utilized here?

A. Separation of duties

B. Least privilege

C. Same sign-on

D. Single sign-on

A

Same sign-on

21
Q

Which of the following may cause Jane, the security administrator, to seek an ACL work around?

A. Zero day exploit

B. Dumpster diving

C. Virus outbreak

D. Tailgating

A

Zero day exploit

22
Q

A security administrator has concerns about new types of media which allow for the mass distribution of personal comments to a select group of people. To mitigate the risks involved with this media, employees should receive training on which of the following?

A. Peer to Peer

B. Mobile devices

C. Social networking

D. Personally owned devices

A

Social networking

23
Q

Emily, a security engineer, is testing encryption ciphers for performance. Which of the following ciphers offers strong encryption with the FASTEST speed?

A. 3DES

B. Blowfish

C. Serpent

D. AES256

A

Blowfish

24
Q

An administrator wishes to hide the network addresses of an internal network when connecting to the Internet. The MOST effective way to mask the network address of the users would be by passing the traffic through a:

A. stateful firewall

B. packet-filtering firewall

C. NIPS

D. NAT

A

NAT

25
Q

Emily, a security technician, has received notice that a vendor coming in for a presentation will require access to a server outside of the network. Currently, users are only able to access remote sites through a VPN connection. How could Emily BEST accommodate the vendor?

A. Allow incoming IPSec traffic into the vendor’s IP address.

B. Set up a VPN account for the vendor, allowing access to the remote site.

C. Turn off the firewall while the vendor is in the office, allowing access to the remote site.

D. Write a firewall rule to allow the vendor to have access to the remote site.

A

Write a firewall rule to allow the vendor to have access to the remote site.

26
Q

The system administrator is tasked with changing the administrator password across all 2000 computers in the organization. Which of the following should the system administrator implement to accomplish this task?

A. A security group

B. A group policy

C. Key escrow

D. Certificate revocation

A

A group policy

27
Q

Which of the following is true about PKI? (Select TWO).

A. When encrypting a message with the public key, only the public key can decrypt it.

B. When encrypting a message with the private key, only the private key can decrypt it.

C. When encrypting a message with the public key, only the CA can decrypt it.

D. When encrypting a message with the public key, only the private key can decrypt it.

E. When encrypting a message with the private key, only the public key can decrypt it.

A

When encrypting a message with the public key, only the private key can decrypt it.

When encrypting a message with the private key, only the public key can decrypt it.

28
Q

Which of the following concepts is enforced by certifying that email communications have been sent by who the message says it has been sent by?

A. Key escrow

B. Non-repudiation

C. Multifactor authentication

D. Hashing

A

Non-repudiation

29
Q

A security administrator must implement all requirements in the following corporate policy: Passwords shall be protected against offline password brute force attacks. Passwords shall be protected against online password brute force attacks. Which of the following technical controls must be implemented to enforce the corporate policy? (Select THREE).

A. Account lockout

B. Account expiration

C. Screen locks

D. Password complexity

E. Minimum password lifetime

F. Minimum password length

A

Account lockout

Password complexity

Minimum password length

30
Q

Ann is starting a disaster recovery program. She has gathered specifics and team members for a meeting on site. Which of the following types of tests is this?

A. Structured walkthrough

B. Full Interruption test

C. Checklist test

D. Tabletop exercise

A

Structured walkthrough

31
Q

A network administrator recently updated various network devices to ensure redundancy throughout the network. If an interface on any of the Layer 3 devices were to go down, traffic will still pass through another interface and the production environment would be unaffected. This type of configuration represents which of the following concepts?

A. High availability

B. Load balancing

C. Backout contingency plan

D. Clustering

A

High availability

32
Q

Which of the following is the BEST approach to perform risk mitigation of user access control rights?

A. Conduct surveys and rank the results.

B. Perform routine user permission reviews.

C. Implement periodic vulnerability scanning.

D. Disable user accounts that have not been used within the last two weeks.

A

Perform routine user permission reviews.

33
Q

An administrator has a network subnet dedicated to a group of users. Due to concerns regarding data and network security, the administrator desires to provide network access for this group only. Which of the following would BEST address this desire?

A. Install a proxy server between the users’ computers and the switch to filter inbound network traffic.

B. Block commonly used ports and forward them to higher and unused port numbers.

C. Configure the switch to allow only traffic from computers based upon their physical address.

D. Install host-based intrusion detection software to monitor incoming DHCP Discover requests.

A

Configure the switch to allow only traffic from computers based upon their physical address.

34
Q

Which of the following devices is MOST likely being used when processing the following?
1 PERMIT IP ANY ANY EQ 80
2 DENY IP ANY ANY

A. Firewall

B. NIPS

C. Load balancer

D. URL filter

A

Firewall

35
Q

When designing a new network infrastructure, a security administrator requests that the intranet web server be placed in an isolated area of the network for security purposes. Which of the following design elements would be implemented to comply with the security administrator’s request?

A. DMZ

B. Cloud services

C. Virtualization

D. Sandboxing

A

DMZ

36
Q

Which of the following is an authentication method that can be secured by using SSL?

A. RADIUS

B. LDAP

C. TACACS+

D. Kerberos

A

LDAP

37
Q

Which of the following types of authentication packages user credentials in a ticket?

A. Kerberos

B. LDAP

C. TACACS+

D. RADIUS

A

Kerberos

38
Q

In which of the following scenarios is PKI LEAST hardened?

A. The CRL is posted to a publicly accessible location.

B. The recorded time offsets are developed with symmetric keys.

C. A malicious CA certificate is loaded on all the clients.

D. All public keys are accessed by an unauthorized user.

A

A malicious CA certificate is loaded on all the clients.

39
Q

Ann has taken over as the new head of the IT department. One of her first assignments was to implement AAA in preparation for the company’s new telecommuting policy. When she takes inventory of the organization’s existing network infrastructure, she makes note that it is a mix of several different vendors. Ann knows she needs a method of secure centralized access to the company’s network resources. Which of the following is the BEST service for Ann to implement?

A. RADIUS

B. LDAP

C. SAML

D. TACACS+

A

RADIUS

40
Q

Configuring the mode, encryption methods, and security associations are part of which of the following?

A. IPSec

B. Full disk encryption

C. 802.1x

D. PKI

A

IPSec

41
Q

An IT auditor tests an application as an authenticated user. This is an example of which of the following types of testing?

A. Penetration

B. White box

C. Black box

D. Gray box

A

Gray box

42
Q

Which of the following security concepts identifies input variables which are then used to perform boundary testing?

A. Application baseline

B. Application hardening

C. Secure coding

D. Fuzzing

A

Fuzzing

43
Q

Which of the following would allow the organization to divide a Class C IP address range into several ranges?

A. DMZ

B. Virtual LANs

C. NAT

D. Subnetting

A

Subnetting

44
Q

Which of the following can be used to maintain a higher level of security in a SAN by allowing isolation of mis-configurations or faults?

A. VLAN

B. Protocol security

C. Port security

D. VSAN

A

VSAN

45
Q

Which of the following is an important step in the initial stages of deploying a host-based firewall?

A. Selecting identification versus authentication

B. Determining the list of exceptions

C. Choosing an encryption algorithm

D. Setting time of day restrictions

A

Determining the list of exceptions

46
Q

When implementing fire suppression controls in a datacenter it is important to:

A. Select a fire suppression system which protects equipment but may harm technicians.

B. Ensure proper placement of sprinkler lines to avoid accidental leakage onto servers.

C. Integrate maintenance procedures to include regularly discharging the system.

D. Use a system with audible alarms to ensure technicians have 20 minutes to evacuate.

A

Ensure proper placement of sprinkler lines to avoid accidental leakage onto servers.

47
Q

A company’s security administrator wants to manage PKI for internal systems to help reduce costs. Which of the following is the FIRST step the security administrator should take?

A. Install a registration server.

B. Generate shared public and private keys.

C. Install a CA

D. Establish a key escrow policy.

A

Install a CA

48
Q

Which of the following can be implemented if a security administrator wants only certain devices connecting to the wireless network?

A. Disable SSID broadcast

B. Install a RADIUS server

C. Enable MAC filtering

D. Lowering power levels on the AP

A

Enable MAC filtering

49
Q

An access point has been configured for AES encryption but a client is unable to connect to it. Which of the following should be configured on the client to fix this issue?

A. WEP

B. CCMP

C. TKIP

D. RC4

A

CCMP

50
Q

Which of the following implementation steps would be appropriate for a public wireless hot-spot?

A. Reduce power level

B. Disable SSID broadcast

C. Open system authentication

D. MAC filter

A

Open system authentication

51
Q

A way to assure data at-rest is secure even in the event of loss or theft is to use:

A. Full device encryption.

B. Special permissions on the file system.

C. Trusted Platform Module integration.

D. Access Control Lists.

A

Full device encryption

52
Q

An investigator recently discovered that an attacker placed a remotely accessible CCTV camera in a public area overlooking several Automatic Teller Machines (ATMs). It is also believed that user accounts belonging to ATM operators may have been compromised. Which of the following attacks has MOST likely taken place?

A. Shoulder surfing

B. Dumpster diving

C. Whaling attack

D. Vishing attack

A

Shoulder surfing

53
Q

After copying a sensitive document from his desktop to a flash drive, Peter, a user, realizes that the document is no longer encrypted. Which of the following can a security technician implement to ensure that documents stored on Peter’s desktop remain encrypted when moved to external media or other network based storage?

A. Whole disk encryption

B. Removable disk encryption

C. Database record level encryption

D. File level encryption

A

File level encryption

54
Q

Which of the following pseudocodes can be used to handle program exceptions?

A. If program detects another instance of itself, then kill program instance.

B. If user enters invalid input, then restart program.

C. If program module crashes, then restart program module.

D. If user’s input exceeds buffer length, then truncate the input.

A

If program module crashes, then restart program module.

55
Q

Which of the following is a penetration testing method?

A. Searching the WHOIS database for administrator contact information

B. Running a port scanner against the target’s network

C. War driving from a target’s parking lot to footprint the wireless network

D. Calling the target’s helpdesk, requesting a password reset

A

Calling the target’s helpdesk, requesting a password reset

56
Q

An SSL/TLS private key is installed on a corporate web proxy in order to inspect HTTPS requests.
Which of the following describes how this private key should be stored so that it is protected from theft?

A. Implement full disk encryption

B. Store on encrypted removable media

C. Utilize a hardware security module

D. Store on web proxy file system

A

Utilize a hardware security module

57
Q

A security administrator is aware that a portion of the company’s Internet-facing network tends to be non-secure due to poorly configured and patched systems. The business owner has accepted the risk of those systems being compromised, but the administrator wants to determine the degree to which those systems can be used to gain access to the company intranet. Which of the following should the administrator perform?

A. Patch management assessment

B. Business impact assessment

C. Penetration test

D. Vulnerability assessment

A

Penetration test

58
Q

Configuring key/value pairs on a RADIUS server is associated with deploying which of the following?

A. WPA2-Enterprise wireless network

B. DNS secondary zones

C. Digital certificates

D. Intrusion detection system

A

WPA2-Enterprise wireless network

59
Q

Which of the following assets is MOST likely considered for DLP?

A. Application server content

B. USB mass storage devices

C. Reverse proxy

D. Print server

A

USB mass storage devices

60
Q

Mandatory vacations are a security control which can be used to uncover which of the following?

A. Fraud committed by a system administrator

B. Poor password security among users

C. The need for additional security staff

D. Software vulnerabilities in vendor code

A

Fraud committed by a system administrator

61
Q

A quality assurance analyst is reviewing a new software product for security, and has complete access to the code and data structures used by the developers. This is an example of which of the following types of testing?

A. Black box

B. Penetration

C. Gray box

D. White box

A

White box

62
Q

Jane, a security analyst, is reviewing logs from hosts across the Internet which her company uses to gather data on new malware. Which of the following is being implemented by Jane’s company?

A. Vulnerability scanner

B. Honeynet

C. Protocol analyzer

D. Port scanner

A

Honeynet

63
Q

A security administrator forgets their card to access the server room. The administrator asks a coworker if they could use their card for the day. Which of the following is the administrator using to gain access to the server room?

A. Man-in-the-middle

B. Tailgating

C. Impersonation

D. Spoofing

A

Impersonation

64
Q

Several departments within a company have a business need to send high volumes of confidential information to customers via email. Which of the following is the BEST solution to mitigate unintentional exposure of confidential information?

A. Employ encryption on all outbound emails containing confidential information.

B. Employ exact data matching and prevent inbound emails with Data Loss Prevention.

C. Employ hashing on all outbound emails containing confidential information.

D. Employ exact data matching and encrypt inbound e-mails with Data Loss Prevention.

A

Employ encryption on all outbound emails containing confidential information.

65
Q

Which of the following protocols is the security administrator observing in this packet capture?
12:33:43, SRC 192.168.4.3:3389, DST 10.67.33.20:8080, SYN/ACK

A. HTTPS

B. RDP

C. HTTP

D. SFTP

A

RDP

66
Q

A financial company requires a new private network link with a business partner to cater for realtime and batched data flows.
Which of the following activities should be performed by the IT security staff member prior to establishing the link?

A. Baseline reporting

B. Design review

C. Code review

D. SLA reporting

A

Design review

67
Q

Computer evidence at a crime is preserved by making an exact copy of the hard disk. Which of the following does this illustrate?

A. Taking screenshots

B. System image capture

C. Chain of custody

D. Order of volatility

A

System image capture

68
Q

An administrator needs to connect a router in one building to a router in another using Ethernet. Each router is connected to a managed switch and the switches are connected to each other via a fiber line. Which of the following should be configured to prevent unauthorized devices from connecting to the network?

A. Configure each port on the switches to use the same VLAN other than the default one

B. Enable VTP on both switches and set to the same domain

C. Configure only one of the routers to run DHCP services

D. Implement port security on the switches

A

Implement port security on the switches

69
Q

The security manager received a report that an employee was involved in illegal activity and has saved data to a workstation’s hard drive. During the investigation, local law enforcement’s criminal division confiscates the hard drive as evidence. Which of the following forensic procedures is involved?

A. Chain of custody

B. System image

C. Take hashes

D. Order of volatility

A

Chain of custody

70
Q

Which of the following protocols allows for secure transfer of files? (Select TWO).

A. ICMP

B. SNMP

C. SFTP

D. SCP

E. TFTP

A

SFTP

SCP

71
Q

Ann, the Chief Technology Officer (CTO), has agreed to allow users to bring their own device (BYOD) in order to leverage mobile technology without providing every user with a company owned device. She is concerned that users may not understand the company’s rules, and she wants to limit potential legal concerns. Which of the following is the CTO concerned with?

A. Data ownership

B. Device access control

C. Support ownership

D. Acceptable use

A

Data ownership

72
Q

In regards to secure coding practices, why is input validation important?

A. It mitigates buffer overflow attacks.

B. It makes the code more readable.

C. It provides an application configuration baseline.

D. It meets gray box testing standards.

A

It mitigates buffer overflow attacks.

73
Q

Which of the following is mainly used for remote access into the network?

A. XTACACS

B. TACACS+

C. Kerberos

D. RADIUS

A

RADIUS

74
Q

Peter, a network administrator, is able to manage the backup software console by using his network login credentials. Which of the following authentication services is he MOST likely using?

A. SAML

B. LDAP

C. iSCSI

D. Two-factor authentication

A

LDAP

75
Q

A network administrator uses an RFID card to enter the datacenter, a key to open the server rack, and a username and password to logon to a server. These are examples of which of the following?

A. Multifactor authentication

B. Single factor authentication

C. Separation of duties

D. Identification

A

Single factor authentication

76
Q

Matt, a security administrator, wants to configure all the switches and routers in the network in order to securely monitor their status. Which of the following protocols would he need to configure on each device?

A. SMTP

B. SNMPv3

C. IPSec

D. SNMP

A

SNMPv3

77
Q

A network administrator needs to provide daily network usage reports on all layer 3 devices without compromising any data while gathering the information. Which of the following would be configured to provide these reports?

A. SNMP

B. SNMPv3

C. ICMP

D. SSH

A

SNMPv3

78
Q

Which of the following malware types is MOST likely to execute its payload after Jane, an employee, has left the company?

A. Rootkit

B. Logic bomb

C. Worm

D. Botnet

A

Logic bomb

79
Q

Which of the following should be deployed to prevent the transmission of malicious traffic between virtual machines hosted on a singular physical device on a network?

A. HIPS on each virtual machine

B. NIPS on the network

C. NIDS on the network

D. HIDS on each virtual machine

A

HIPS on each virtual machine

80
Q

Ann, a software developer, has installed some code to reactivate her account one week after her account has been disabled. Which of the following is this an example of? (Select TWO).

A. Rootkit

B. Logic Bomb

C. Botnet

D. Backdoor

E. Spyware

A

Logic Bomb

Backdoor

81
Q

Which of the following cryptographic algorithms is MOST often used with IPSec?

A. Blowfish

B. Twofish

C. RC4

D. HMAC

A

HMAC

82
Q

The systems administrator wishes to implement a hardware-based encryption method that could also be used to sign code. They can achieve this by:

A. Utilizing the already present TPM.

B. Configuring secure application sandboxes.

C. Enforcing whole disk encryption.

D. Moving data and applications into the cloud

A

Utilizing the already present TPM.

83
Q

Which of the following protocols provides transport security for virtual terminal emulation?

A. TLS

B. SSH

C. SCP

D. S/MIME

A

SSH

84
Q

A new application needs to be deployed on a virtual server. The virtual server hosts a SQL server that is used by several employees.
Which of the following is the BEST approach for implementation of the new application on the virtual server?

A. Take a snapshot of the virtual server after installing the new application and store the snapshot in a secure location.

B. Generate a baseline report detailing all installed applications on the virtualized server after installing the new application.

C. Take a snapshot of the virtual server before installing the new application and store the snapshot in a secure location.

D. Create an exact copy of the virtual server and store the copy on an external hard drive after installing the new application.

A

Take a snapshot of the virtual server before installing the new application and store the snapshot in a secure location.

85
Q

Peter, a network administrator, is implementing IPv6 in the DMZ. Which of the following protocols must he allow through the firewall to ensure the web servers can be reached via IPv6 from an IPv6 enabled Internet host?

A. TCP port 443 and IP protocol 46

B. TCP port 80 and TCP port 443

C. TCP port 80 and ICMP

D. TCP port 443 and SNMP

A

TCP port 80 and TCP port 443

86
Q

Each server on a subnet is configured to only allow SSH access from the administrator’s workstation. Which of the following BEST describes this implementation?

A. Host-based firewalls

B. Network firewalls

C. Network proxy

D. Host intrusion prevention

A

Host-based firewalls

87
Q

Peter, a security analyst, has been informed that the development team has plans to develop an application which does not meet the company’s password policy. Which of the following should Peter do NEXT?

A. Contact the Chief Information Officer and ask them to change the company password policy so that the application is made compliant.

B. Tell the application development manager to code the application to adhere to the company’s password policy.

C. Ask the application development manager to submit a risk acceptance memo so that the issue can be documented.

D. Inform the Chief Information Officer of non-adherence to the security policy so that the developers can be reprimanded.

A

Tell the application development manager to code the application to adhere to the company’s password policy.

88
Q

When Ann, an employee, returns to work and logs into her workstation, she notices that several desktop configuration settings have changed. Upon a review of the CCTV logs, it is determined that someone logged into Ann’s workstation. Which of the following could have prevented this from happening?

A. Password complexity policy

B. User access reviews

C. Shared account prohibition policy

D. User assigned permissions policy

A

Password complexity policy

89
Q

At the outside break area, an employee, Ann, asked another employee to let her into the building because her badge is missing. Which of the following does this describe?

A. Shoulder surfing

B. Tailgating

C. Whaling

D. Impersonation

A

Tailgating

90
Q

The manager has a need to secure physical documents every night, since the company began enforcing the clean desk policy. The BEST solution would include: (Select TWO).

A. Fire- or water-proof safe.

B. Department door locks.

C. Proximity card.

D. 24-hour security guard.

E. Locking cabinets and drawers.

A

Fire- or water-proof safe.

Locking cabinets and drawers.

91
Q

A company wants to prevent end users from plugging unapproved smartphones into PCs and transferring data. Which of the following would be the BEST control to implement?

A. MDM

B. IDS

C. DLP

D. HIPS

A

DLP

92
Q

Which of the following technologies was developed to allow companies to use less-expensive storage while still maintaining the speed and redundancy required in a business environment?

A. RAID

B. Tape Backup

C. Load Balancing

D. Clustering

A

Clustering

93
Q

A software company has completed a security assessment. The assessment states that the company should implement fencing and lighting around the property. Additionally, the assessment states that production releases of their software should be digitally signed. Given the recommendations, the company was deficient in which of the following core security areas? (Select TWO).

A. Fault tolerance

B. Encryption

C. Availability

D. Integrity

E. Safety

F. Confidentiality

A

Integrity

Safety

94
Q

During an audit, the security administrator discovers that there are several users that are no longer employed with the company but still have active user accounts. Which of the following should be performed?

A. Account recovery

B. Account disablement

C. Account lockouts

D. Account expiration

A

Account disablement

95
Q

A certificate used on an ecommerce web server is about to expire. Which of the following will occur if the certificate is allowed to expire?

A. The certificate will be added to the Certificate Revocation List (CRL).

B. Clients will be notified that the certificate is invalid.

C. The ecommerce site will not function until the certificate is renewed.

D. The ecommerce site will no longer use encryption.

A

Clients will be notified that the certificate is invalid.

96
Q

An employee recently lost a USB drive containing confidential customer data. Which of the following controls could be utilized to minimize the risk involved with the use of USB drives?

A. DLP

B. Asset tracking

C. HSM

D. Access control

A

DLP

97
Q

The security administrator notices a user logging into a corporate Unix server remotely as root. Which of the following actions should the administrator take?

A. Create a firewall rule to block SSH

B. Delete the root account

C. Disable remote root logins

D. Ensure the root account has a strong password

A

Disable remote root logins

98
Q

Mike, a user, states that he is receiving several unwanted emails about home loans. Which of the following is this an example of?

A. Spear phishing

B. Hoaxes

C. Spoofing

D. Spam

A

Spam

99
Q

An Active Directory setting restricts querying to only secure connections. Which of the following ports should be selected to establish a successful connection?

A. 389

B. 440

C. 636

D. 3286

A

636

100
Q

Which of the following describes how Emily, an attacker, can send unwanted advertisements to a mobile device?

A. Man-in-the-middle

B. Bluejacking

C. Bluesnarfing

D. Packet sniffing

A

Bluejacking