Deck H Flashcards
Which of the following explains the difference between a public key and a private key?
A. The public key is only used by the client while the private key is available to all. Both keys are mathematically related.
B. The private key only decrypts the data while the public key only encrypts the data. Both keys are mathematically related.
C. The private key is commonly used in symmetric key decryption while the public key is used in asymmetric key decryption.
D. The private key is only used by the client and kept secret while the public key is available to all.
The private key is only used by the client and kept secret while the public key is available to all.
The security team would like to gather intelligence about the types of attacks being launched against the organization. Which of the following would provide them with the MOST information?
A. Implement a honeynet
B. Perform a penetration test
C. Examine firewall logs
D. Deploy an IDS
Implement a honeynet
Which of the following can be used as an equipment theft deterrent?
A. Screen locks
B. GPS tracking
C. Cable locks
D. Whole disk encryption
Cable locks
An administrator notices an unusual spike in network traffic from many sources. The administrator suspects that:
A. it is being caused by the presence of a rogue access point.
B. it is the beginning of a DDoS attack.
C. the IDS has been compromised.
D. the internal DNS tables have been poisoned.
it is the beginning of a DDoS attack.
A security administrator has configured FTP in passive mode. Which of the following ports should the security administrator allow on the firewall by default?
A. 20
B. 21
C. 22
D. 23
21
A security manager requires fencing around the perimeter, and cipher locks on all entrances. The manager is concerned with which of the following security controls?
A. Integrity
B. Availability
C. Confidentiality
D. Safety
Safety
A company is trying to implement physical deterrent controls to improve the overall security posture of their data center. Which of the following BEST meets their goal?
A. Visitor logs
B. Firewall
C. Hardware locks
D. Environmental monitoring
Hardware locks
A security administrator notices that a specific network administrator is making unauthorized changes to the firewall every Saturday morning. Which of the following would be used to mitigate this issue so that only security administrators can make changes to the firewall?
A. Mandatory vacations
B. Job rotation
C. Least privilege
D. Time of day restrictions
Least privilege
Which of the following allows lower level domains to access resources in a separate Public Key Infrastructure?
A. Trust Model
B. Recovery Agent
C. Public Key
D. Private Key
Trust Model
Which of the following wireless protocols could be vulnerable to a brute-force password attack? (Select TWO).
A. WPA2-PSK
B. WPA-EAP-TLS
C. WPA2-CCMP
D. WPA-CCMP
E. WPA-LEAP
F. WEP
WPA2-PSK
WPA-LEAP
Which of the following protocols is used by IPv6 for MAC address resolution?
A. NDP
B. ARP
C. DNS
D. NCP
NDP
During a disaster recovery planning session, a security administrator has been tasked with determining which threats and vulnerabilities pose a risk to the organization. Which of the following should the administrator rate as having the HIGHEST frequency of risk to the organization?
A. Hostile takeovers
B. Large scale natural disasters
C. Malware and viruses
D. Corporate espionage
Malware and viruses
An employee needs to connect to a server using a secure protocol on the default port. Which of the following ports should be used?
A. 21
B. 22
C. 80
D. 110
22
A new security analyst is given the task of determining whether any of the company’s servers are vulnerable to a recently discovered attack on an old version of SSH. Which of the following is the quickest FIRST step toward determining the version of SSH running on these servers?
A. Passive scanning
B. Banner grabbing
C. Protocol analysis
D. Penetration testing
Banner grabbing
Peter, a network security engineer, has visibility to network traffic through network monitoring tools. However, he’s concerned that a disgruntled employee may be targeting a server containing the company’s financial records. Which of the following security mechanisms would be MOST appropriate to confirm Peter’s suspicion?
A. HIDS
B. HIPS
C. NIPS
D. NIDS
HIDS
A technician has just installed a new firewall onto the network. Users are reporting that they cannot reach any website. Upon further investigation, the technician determines that websites can be reached by entering their IP addresses. Which of the following ports may have been closed to cause this issue?
A. HTTP
B. DHCP
C. DNS
D. NetBIOS
DNS
Which of the following MUST Matt, a security administrator, implement to verify both the integrity and authenticity of a message while requiring a shared secret?
A. RIPEMD
B. MD5
C. SHA
D. HMAC
HMAC
Which of the following can be used by a security administrator to successfully recover a user’s forgotten password on a password protected file?
A. Cognitive password
B. Password sniffing
C. Brute force
D. Social engineering
Brute force
Peter, a company’s new security specialist, is assigned a role to conduct monthly vulnerability scans across the network. He notices that the scanner is returning a large number of false positives or failed audits. Which of the following should Peter recommend to remediate these issues?
A. Ensure the vulnerability scanner is located in a segmented VLAN that has access to the company’s servers
B. Ensure the vulnerability scanner is configured to authenticate with a privileged account
C. Ensure the vulnerability scanner is attempting to exploit the weaknesses it discovers
D. Ensure the vulnerability scanner is conducting antivirus scanning
Ensure the vulnerability scanner is located in a segmented VLAN that has access to the company’s servers
Emily, a hacker, is completing a website form to request a free coupon. The site has a field that limits the request to 3 or fewer coupons. While submitting the form, Emily runs an application on her machine to intercept the HTTP POST command and change the field from 3 coupons to 30. Which of the following was used to perform this attack?
A. SQL injection
B. XML injection
C. Packet sniffer
D. Proxy
XML injection
A software firm posts patches and updates to a publicly accessible FTP site. The software firm also posts digitally signed checksums of all patches and updates. The firm does this to address:
A. Integrity of downloaded software.
B. Availability of the FTP site.
C. Confidentiality of downloaded software.
D. Integrity of the server logs.
Integrity of downloaded software.
Which of the following ports would be blocked if Peter, a security administrator, wants to deny access to websites?
A. 21
B. 25
C. 80
D. 3389
80
Which of the following controls should critical application servers implement to protect themselves from other potentially compromised application services?
A. NIPS
B. Content filter
C. NIDS
D. Host-based firewalls
Host-based firewalls
Which of the following access methods uses radio frequency waves for authentication?
A. Video surveillance
B. Mantraps
C. Proximity readers
D. Biometrics
Proximity readers