Deck H Flashcards

1
Q

Which of the following explains the difference between a public key and a private key?

A. The public key is only used by the client while the private key is available to all. Both keys are mathematically related.

B. The private key only decrypts the data while the public key only encrypts the data. Both keys are mathematically related.

C. The private key is commonly used in symmetric key decryption while the public key is used in asymmetric key decryption.

D. The private key is only used by the client and kept secret while the public key is available to all.

A

The private key is only used by the client and kept secret while the public key is available to all.

2
Q

The security team would like to gather intelligence about the types of attacks being launched against the organization. Which of the following would provide them with the MOST information?

A. Implement a honeynet

B. Perform a penetration test

C. Examine firewall logs

D. Deploy an IDS

A

Implement a honeynet

3
Q

Which of the following can be used as an equipment theft deterrent?

A. Screen locks

B. GPS tracking

C. Cable locks

D. Whole disk encryption

A

Cable locks

4
Q

An administrator notices an unusual spike in network traffic from many sources. The administrator suspects that:

A. it is being caused by the presence of a rogue access point.

B. it is the beginning of a DDoS attack.

C. the IDS has been compromised.

D. the internal DNS tables have been poisoned.

A

it is the beginning of a DDoS attack.

5
Q

A security administrator has configured FTP in passive mode. Which of the following ports should the security administrator allow on the firewall by default?

A. 20

B. 21

C. 22

D. 23

A

21

6
Q

A security manager requires fencing around the perimeter, and cipher locks on all entrances. The manager is concerned with which of the following security controls?

A. Integrity

B. Availability

C. Confidentiality

D. Safety

A

Safety

7
Q

A company is trying to implement physical deterrent controls to improve the overall security posture of their data center. Which of the following BEST meets their goal?

A. Visitor logs

B. Firewall

C. Hardware locks

D. Environmental monitoring

A

Hardware locks

8
Q

A security administrator notices that a specific network administrator is making unauthorized changes to the firewall every Saturday morning. Which of the following would be used to mitigate this issue so that only security administrators can make changes to the firewall?

A. Mandatory vacations

B. Job rotation

C. Least privilege

D. Time of day restrictions

A

Least privilege

9
Q

Which of the following allows lower level domains to access resources in a separate Public Key Infrastructure?

A. Trust Model

B. Recovery Agent

C. Public Key

D. Private Key

A

Trust Model

10
Q

Which of the following wireless protocols could be vulnerable to a brute-force password attack? (Select TWO).

A. WPA2-PSK

B. WPA-EAP-TLS

C. WPA2-CCMP

D. WPA-CCMP

E. WPA-LEAP

F. WEP

A

WPA2-PSK

WPA-LEAP

11
Q

Which of the following protocols is used by IPv6 for MAC address resolution?

A. NDP

B. ARP

C. DNS

D. NCP

A

NDP

12
Q

During a disaster recovery planning session, a security administrator has been tasked with determining which threats and vulnerabilities pose a risk to the organization. Which of the following should the administrator rate as having the HIGHEST frequency of risk to the organization?

A. Hostile takeovers

B. Large scale natural disasters

C. Malware and viruses

D. Corporate espionage

A

Malware and viruses

13
Q

An employee needs to connect to a server using a secure protocol on the default port. Which of the following ports should be used?

A. 21

B. 22

C. 80

D. 110

A

22

14
Q

A new security analyst is given the task of determining whether any of the company’s servers are vulnerable to a recently discovered attack on an old version of SSH. Which of the following is the quickest FIRST step toward determining the version of SSH running on these servers?

A. Passive scanning

B. Banner grabbing

C. Protocol analysis

D. Penetration testing

A

Banner grabbing

15
Q

Peter, a network security engineer, has visibility to network traffic through network monitoring tools.
However, he’s concerned that a disgruntled employee may be targeting a server containing the company’s financial records. Which of the following security mechanisms would be MOST appropriate to confirm Peter’s suspicion?

A. HIDS

B. HIPS

C. NIPS

D. NIDS

A

HIDS

16
Q

A technician has just installed a new firewall onto the network. Users are reporting that they cannot reach any website. Upon further investigation, the technician determines that websites can be reached by entering their IP addresses. Which of the following ports may have been closed to cause this issue?

A. HTTP

B. DHCP

C. DNS

D. NetBIOS

A

DNS

17
Q

Which of the following MUST Matt, a security administrator, implement to verify both the integrity and authenticity of a message while requiring a shared secret?

A. RIPEMD

B. MD5

C. SHA

D. HMAC

A

HMAC

18
Q

Which of the following can be used by a security administrator to successfully recover a user’s forgotten password on a password protected file?

A. Cognitive password

B. Password sniffing

C. Brute force

D. Social engineering

A

Brute force

19
Q

Peter, a company’s new security specialist, is assigned a role to conduct monthly vulnerability scans across the network. He notices that the scanner is returning a large amount of false positives or failed audits. Which of the following should Peter recommend to remediate these issues?

A. Ensure the vulnerability scanner is located in a segmented VLAN that has access to the company’s servers

B. Ensure the vulnerability scanner is configured to authenticate with a privileged account

C. Ensure the vulnerability scanner is attempting to exploit the weaknesses it discovers

D. Ensure the vulnerability scanner is conducting antivirus scanning

A

Ensure the vulnerability scanner is located in a segmented VLAN that has access to the company’s servers

20
Q

Emily, a hacker, is completing a website form to request a free coupon. The site has a field that limits the request to 3 or fewer coupons. While submitting the form, Emily runs an application on her machine to intercept the HTTP POST command and change the field from 3 coupons to 30.
Which of the following was used to perform this attack?

A. SQL injection

B. XML injection

C. Packet sniffer

D. Proxy

A

XML injection

21
Q

A software firm posts patches and updates to a publicly accessible FTP site. The software firm also posts digitally signed checksums of all patches and updates. The firm does this to address:

A. Integrity of downloaded software.

B. Availability of the FTP site.

C. Confidentiality of downloaded software.

D. Integrity of the server logs.

A

Integrity of downloaded software.

22
Q

Which of the following ports would be blocked if Peter, a security administrator, wants to deny access to websites?

A. 21

B. 25

C. 80

D. 3389

A

80

23
Q

Which of the following controls should critical application servers implement to protect themselves from other potentially compromised application services?

A. NIPS

B. Content filter

C. NIDS

D. Host-based firewalls

A

Host-based firewalls

24
Q

Which of the following access methods uses radio frequency waves for authentication?

A. Video surveillance

B. Mantraps

C. Proximity readers

D. Biometrics

A

Proximity readers

25
Q

Which of the following mitigation strategies is established to reduce risk when performing updates to business critical systems?

A. Incident management

B. Server clustering

C. Change management

D. Forensic analysis

A

Change management

26
Q

Which of the following does full disk encryption prevent?

A. Client side attacks

B. Clear text access

C. Database theft

D. Network-based attacks

A

Clear text access

27
Q

An administrator was asked to review user accounts. Which of the following has the potential to cause the MOST amount of damage if the account was compromised?

A. A password that has not changed in 180 days

B. A single account shared by multiple users

C. A user account with administrative rights

D. An account that has not been logged into since creation

A

A user account with administrative rights

28
Q

A security team has established a security awareness program. Which of the following would BEST prove the success of the program?

A. Policies

B. Procedures

C. Metrics

D. Standards

A

Metrics

29
Q

Failure to validate the size of a variable before writing it to memory could result in which of the following application attacks?

A. Malicious logic

B. Cross-site scripting

C. SQL injection

D. Buffer overflow

A

Buffer overflow

30
Q

Which of the following BEST describes a protective countermeasure for SQL injection?

A. Eliminating cross-site scripting vulnerabilities

B. Installing an IDS to monitor network traffic

C. Validating user input in web applications

D. Placing a firewall between the Internet and database servers

A

Validating user input in web applications

31
Q

A system administrator is configuring UNIX accounts to authenticate against an external server. The configuration file asks for the following information DC=ServerName and DC=COM. Which of the following authentication services is being used?

A. RADIUS

B. SAML

C. TACACS+

D. LDAP

A

LDAP

32
Q

Which of the following types of encryption will help in protecting files on a PED?

A. Mobile device encryption

B. Transport layer encryption

C. Encrypted hidden container

D. Database encryption

A

Mobile device encryption

33
Q

Emily, a security architect, has developed a framework in which several authentication servers work together to increase processing power for an application. Which of the following does this represent?

A. Warm site

B. Load balancing

C. Clustering

D. RAID

A

Clustering

34
Q

Ann, a security analyst, has discovered that her company has very high staff turnover and often user accounts are not disabled after an employee leaves the company. Which of the following could Ann implement to help identify accounts that are still active for terminated employees?

A. Routine audits

B. Account expirations

C. Risk assessments

D. Change management

A

Routine audits

35
Q

Which of the following controls can be used to prevent the disclosure of sensitive information stored on a mobile device’s removable media in the event that the device is lost or stolen?

A. Hashing

B. Screen locks

C. Device password

D. Encryption

A

Encryption

36
Q

After a network outage, a PC technician is unable to ping various network devices. The network administrator verifies that those devices are working properly and can be accessed securely.
Which of the following is the MOST likely reason the PC technician is unable to ping those devices?

A. ICMP is being blocked

B. SSH is not enabled

C. DNS settings are wrong

D. SNMP is not configured properly

A

ICMP is being blocked

37
Q

Which of the following fire suppression systems is MOST likely used in a datacenter?

A. FM-200

B. Dry-pipe

C. Wet-pipe

D. Vacuum

A

FM-200

38
Q

Which of the following malware types may require user interaction, does not hide itself, and is commonly identified by marketing pop-ups based on browsing habits?

A. Botnet

B. Rootkit

C. Adware

D. Virus

A

Adware

39
Q

A server dedicated to the storage and processing of sensitive information was compromised with a rootkit and sensitive data was extracted. Which of the following incident response procedures is best suited to restore the server?

A. Wipe the storage, reinstall the OS from original media and restore the data from the last known good backup.

B. Keep the data partition, restore the OS from the most current backup and run a full system antivirus scan.

C. Format the storage and reinstall both the OS and the data from the most current backup.

D. Erase the storage, reinstall the OS from most current backup and only restore the data that was not compromised.

A

Wipe the storage, reinstall the OS from original media and restore the data from the last known good backup.

40
Q

A user reports being unable to access a file on a network share. The security administrator determines that the file is marked as confidential and that the user does not have the appropriate access level for that file. Which of the following is being implemented?

A. Mandatory access control

B. Discretionary access control

C. Rule based access control

D. Role based access control

A

Mandatory access control

41
Q

A server is configured to communicate on both VLAN 1 and VLAN 12. VLAN 1 communication works fine, but VLAN 12 does not. Which of the following MUST happen before the server can communicate on VLAN 12?

A. The server’s network switch port must be enabled for 802.11x on VLAN 12.

B. The server’s network switch port must use VLAN Q-in-Q for VLAN 12.

C. The server’s network switch port must be 802.1q untagged for VLAN 12.

D. The server’s network switch port must be 802.1q tagged for VLAN 12.

A

The server’s network switch port must be 802.1q tagged for VLAN 12.

42
Q

Corporate IM presents multiple concerns to enterprise IT. Which of the following concerns should Jane, the IT security manager, ensure are under control? (Select THREE).

A. Authentication

B. Data leakage

C. Compliance

D. Malware

E. Non-repudiation

F. Network loading

A

Data leakage

Compliance

Malware

43
Q

To ensure compatibility with their flagship product, the security engineer is tasked to recommend an encryption cipher that will be compatible with the majority of third party software and hardware vendors. Which of the following should be recommended?

A. SHA

B. MD5

C. Blowfish

D. AES

A

AES

44
Q

Several users report to the administrator that they are having issues downloading files from the file server. Which of the following assessment tools can be used to determine if there is an issue with the file server?

A. MAC filter list

B. Recovery agent

C. Baselines

D. Access list

A

Baselines

45
Q

Which of the following provides the BEST explanation regarding why an organization needs to implement IT security policies?

A. To ensure that false positives are identified

B. To ensure that staff conform to the policy

C. To reduce the organizational risk

D. To require acceptable usage of IT systems

A

To reduce the organizational risk

46
Q

Peter, a user, wants to protect sensitive information stored on his hard drive. He uses a program that encrypted the whole hard drive. Once the hard drive is fully encrypted, he uses the same program to create a hidden volume within the encrypted hard drive and stores the sensitive information within the hidden volume. This is an example of which of the following? (Select TWO).

A. Multi-pass encryption

B. Transport encryption

C. Plausible deniability

D. Steganography

E. Transitive encryption

F. Trust models

A

Plausible deniability

Steganography

47
Q

Establishing a published chart of roles, responsibilities, and chain of command to be used during a disaster is an example of which of the following?

A. Fault tolerance

B. Succession planning

C. Business continuity testing

D. Recovery point objectives

A

Succession planning

48
Q

Which of the following is an XML based open standard used in the exchange of authentication and authorization information between different parties?

A. LDAP

B. SAML

C. TACACS+

D. Kerberos

A

SAML

49
Q

A security administrator is tackling issues related to authenticating users at a remote site. There have been a large number of security incidents that resulted from either tailgating or impersonation of authorized users with valid credentials. The security administrator has been told to implement multifactor authentication in order to control facility access. To secure access to the remote facility, which of the following could be implemented without increasing the amount of space required at the entrance?

A. MOTD challenge and PIN pad

B. Retina scanner and fingerprint reader

C. Voice recognition and one-time PIN token

D. One-time PIN token and proximity reader

A

Voice recognition and one-time PIN token

50
Q

Which of the following risk concepts requires an organization to determine the number of failures per year?

A. SLE

B. ALE

C. MTBF

D. Quantitative analysis

A

ALE

51
Q

A company has proprietary mission critical devices connected to their network which are configured remotely by both employees and approved customers. The administrator wants to monitor device security without changing their baseline configuration. Which of the following should be implemented to secure the devices without risking availability?

A. Host-based firewall

B. IDS

C. IPS

D. Honeypot

A

IDS

52
Q

How often, at a MINIMUM, should Emily, an administrator, review the accesses and rights of the users on her system?

A. Annually

B. Immediately after an employee is terminated

C. Every five years

D. Every time they patch the server

A

Annually

53
Q

The security administrator is observing unusual network behavior from a workstation. The workstation is communicating with a known malicious destination over an encrypted tunnel. A full antivirus scan, with an updated antivirus definition file, does not show any signs of infection.
Which of the following has happened on the workstation?

A. Zero-day attack

B. Known malware infection

C. Session hijacking

D. Cookie stealing

A

Zero-day attack

54
Q

Which of the following provides the LEAST availability?

A. RAID 0

B. RAID 1

C. RAID 3

D. RAID 5

A

RAID 0

55
Q

Which of the following is a vulnerability associated with disabling pop-up blockers?

A. An alert message from the administrator may not be visible

B. A form submitted by the user may not open

C. The help window may not be displayed

D. Another browser instance may execute malicious code

A

Another browser instance may execute malicious code

56
Q

Which of the following is a measure of biometrics performance which rates the ability of a system to correctly authenticate an authorized user?

A. Failure to capture

B. Type II

C. Mean time to register

D. Template capacity

A

Type II

57
Q

A security analyst needs to ensure all external traffic is able to access the company’s front-end servers but protect all access to internal resources. Which of the following network design elements would MOST likely be recommended?

A. DMZ

B. Cloud computing

C. VLAN

D. Virtualization

A

DMZ

58
Q

Protecting the confidentiality of a message is accomplished by encrypting the message with which of the following?

A. Sender’s private key

B. Recipient’s public key

C. Sender’s public key

D. Recipient’s private key

A

Recipient’s public key

59
Q

Which of the following is an example of a false negative?

A. The IDS does not identify a buffer overflow.

B. Anti-virus identifies a benign application as malware.

C. Anti-virus protection interferes with the normal operation of an application.

D. A user account is locked out after the user mistypes the password too many times.

A

The IDS does not identify a buffer overflow.

60
Q

A distributed denial of service attack can BEST be described as:

A. Invalid characters being entered into a field in a database application.

B. Users attempting to input random or invalid data into fields within a web browser application.

C. Multiple computers attacking a single target in an organized attempt to deplete its resources.

D. Multiple attackers attempting to gain elevated privileges on a target system.

A

Multiple computers attacking a single target in an organized attempt to deplete its resources.

61
Q

One of the servers on the network stops responding due to lack of available memory. Server administrators did not have a clear definition of what action should have taken place based on the available memory. Which of the following would have BEST kept this incident from occurring?

A. Set up a protocol analyzer

B. Set up a performance baseline

C. Review the systems monitor on a monthly basis

D. Review the performance monitor on a monthly basis

A

Set up a performance baseline

62
Q

During a server audit, a security administrator does not notice abnormal activity. However, a network security analyst notices connections to unauthorized ports from outside the corporate network. Using specialized tools, the network security analyst also notices hidden processes running. Which of the following has MOST likely been installed on the server?

A. SPIM

B. Backdoor

C. Logic bomb

D. Rootkit

A

Rootkit

63
Q

CompTIA Security+ Question H-63

During a penetration test from the Internet, Jane, the system administrator, was able to establish a connection to an internal router, but not successfully log in to it. Which ports and protocols are MOST likely to be open on the firewall? (Select FOUR).

A. 21

B. 22

C. 23

D. 69

E. 3389

F. SSH

G. Terminal services

H. Rlogin

I. Rsync

J. Telnet

A

22

23

SSH

Telnet

64
Q

FTP/S uses which of the following TCP ports by default?

A. 20 and 21

B. 139 and 445

C. 443 and 22

D. 989 and 990

A

989 and 990

65
Q

An attacker used an undocumented and unknown application exploit to gain access to a file server. Which of the following BEST describes this type of attack?

A. Integer overflow

B. Cross-site scripting

C. Zero-day

D. Session hijacking

E. XML injection

A

Zero-day

66
Q

Full disk encryption is MOST effective against which of the following threats?

A. Denial of service by data destruction

B. Eavesdropping emanations

C. Malicious code

D. Theft of hardware

A

Theft of hardware

67
Q

The IT department has set up a website with a series of questions to allow end users to reset their own accounts. Which of the following account management practices does this help?

A. Account Disablements

B. Password Expiration

C. Password Complexity

D. Password Recovery

A

Password Recovery

68
Q

A security administrator suspects that an increase in the amount of TFTP traffic on the network is due to unauthorized file transfers, and wants to configure a firewall to block all TFTP traffic.
Which of the following would accomplish this task?

A. Deny TCP port 68

B. Deny TCP port 69

C. Deny UDP port 68

D. Deny UDP port 69

A

Deny UDP port 69

69
Q

Jane, a security administrator, has observed repeated attempts to break into a server. Which of the following is designed to stop an intrusion on a specific server?

A. HIPS

B. NIDS

C. HIDS

D. NIPS

A

HIPS

70
Q

Company A sends a PGP encrypted file to company B. If company A used company B’s public key to encrypt the file, which of the following should be used to decrypt data at company B?

A. Registration

B. Public key

C. CRLs

D. Private key

A

Private key

71
Q

An IT security technician is actively involved in identifying coding issues for her company.
Which of the following is an application security technique that can be used to identify unknown weaknesses within the code?

A. Vulnerability scanning

B. Denial of service

C. Fuzzing

D. Port scanning

A

Fuzzing

72
Q

A security administrator needs to update the OS on all the switches in the company. Which of the following MUST be done before any actual switch configuration is performed?

A. The request needs to be sent to the incident management team.

B. The request needs to be approved through the incident management process.

C. The request needs to be approved through the change management process.

D. The request needs to be sent to the change management team.

A

The request needs to be approved through the change management process.

73
Q

An administrator is assigned to monitor servers in a data center. A web server connected to the Internet suddenly experiences a large spike in CPU activity. Which of the following is the MOST likely cause?

A. Spyware

B. Trojan

C. Privilege escalation

D. DoS

A

DoS

74
Q

Why would a technician use a password cracker?

A. To look for weak passwords on the network

B. To change a user’s passwords when they leave the company

C. To enforce password complexity requirements

D. To change users’ passwords if they have forgotten them

A

To look for weak passwords on the network

75
Q

Emily, the Chief Information Officer (CIO), has requested an audit take place to determine what services and operating systems are running on the corporate network. Which of the following should be used to complete this task?

A. Fingerprinting and password crackers

B. Fuzzing and a port scan

C. Vulnerability scan and fuzzing

D. Port scan and fingerprinting

A

Port scan and fingerprinting

76
Q

Ann, the network administrator, has learned from the helpdesk that employees are accessing the wireless network without entering their domain credentials upon connection. Once the connection is made, they cannot reach any internal resources, while wired network connections operate smoothly. Which of the following is MOST likely occurring?

A. A user has plugged in a personal access point at their desk to connect to the network wirelessly.

B. The company is currently experiencing an attack on their internal DNS servers.

C. The company’s WEP encryption has been compromised and WPA2 needs to be implemented instead.

D. An attacker has installed an access point nearby in an attempt to capture company information.

A

An attacker has installed an access point nearby in an attempt to capture company information.

77
Q

Ann works at a small company and she is concerned that there is no oversight in the finance department; specifically, that Peter writes, signs and distributes paychecks, as well as other expenditures. Which of the following controls can she implement to address this concern?

A. Mandatory vacations

B. Time of day restrictions

C. Least privilege

D. Separation of duties

A

Separation of duties

78
Q

Peter’s corporation has outsourced help desk services to a large provider. Management has published a procedure that requires all users, when receiving support, to call a special number.
Users then need to enter the code provided to them by the help desk technician prior to allowing the technician to work on their PC. Which of the following does this procedure prevent?

A. Collusion

B. Impersonation

C. Pharming

D. Transitive Access

A

Impersonation

79
Q

An administrator needs to segment internal traffic between layer 2 devices within the LAN. Which of the following types of network design elements would MOST likely be used?

A. Routing

B. DMZ

C. VLAN

D. NAT

A

VLAN

80
Q

Which device monitors network traffic in a passive manner?

A. Sniffer

B. IDS

C. Firewall

D. Web browser

A

Sniffer

81
Q

Allowing unauthorized removable devices to connect to computers increases the risk of which of the following?

A. Data leakage prevention

B. Data exfiltration

C. Data classification

D. Data deduplication

A

Data exfiltration

82
Q

Suspicious traffic without a specific signature was detected. Under further investigation, it was determined that these were false indicators. Which of the following security devices needs to be configured to disable future false alarms?

A. Signature based IPS

B. Signature based IDS

C. Application based IPS

D. Anomaly based IDS

A

Anomaly based IDS

83
Q

A security technician has been asked to recommend an authentication mechanism that will allow users to authenticate using a password that will only be valid for a predefined time interval. Which of the following should the security technician recommend?

A. CHAP

B. TOTP

C. HOTP

D. PAP

A

TOTP

84
Q

Human Resources (HR) would like executives to undergo only two specific security training programs a year. Which of the following provides the BEST level of security training for the executives? (Select TWO).

A. Acceptable use of social media

B. Data handling and disposal

C. Zero day exploits and viruses

D. Phishing threats and attacks

E. Clean desk and BYOD

F. Information security awareness

A

Phishing threats and attacks

Information security awareness

85
Q

Which of the following firewall types inspects Ethernet traffic at the MOST levels of the OSI model?

A. Packet Filter Firewall

B. Stateful Firewall

C. Proxy Firewall

D. Application Firewall

A

Stateful Firewall

86
Q

A security administrator wants to ensure that the message the administrator sends out to their Chief Financial Officer (CFO) does not get changed in route. Which of the following is the administrator MOST concerned with?

A. Data confidentiality

B. High availability

C. Data integrity

D. Business continuity

A

Data integrity

87
Q

A review of the company’s network traffic shows that most of the malware infections are caused by users visiting gambling and gaming websites. The security manager wants to implement a solution that will block these websites, scan all web traffic for signs of malware, and block the malware before it enters the company network. Which of the following is suited for this purpose?

A. ACL

B. IDS

C. UTM

D. Firewall

A

UTM

88
Q

Which of the following devices will help prevent a laptop from being removed from a certain location?

A. Device encryption

B. Cable locks

C. GPS tracking

D. Remote data wipes

A

Cable locks

89
Q

Which of the following can be performed when an element of the company policy cannot be enforced by technical means?

A. Develop a set of standards

B. Separation of duties

C. Develop a privacy policy

D. User training

A

User training

90
Q

Which of the following symmetric key algorithms are examples of block ciphers? (Select THREE).

A. RC4

B. 3DES

C. AES

D. MD5

E. PGP

F. Blowfish

A

3DES

AES

Blowfish

91
Q

A customer has provided an email address and password to a website as part of the login process. Which of the following BEST describes the email address?

A. Identification

B. Authorization

C. Access control

D. Authentication

A

Identification

92
Q

The Chief Information Officer (CIO) has mandated web based Customer Relationship Management (CRM) business functions be moved offshore to reduce cost, reduce IT overheads, and improve availability. The Chief Risk Officer (CRO) has agreed with the CIO’s direction but has mandated that key authentication systems be run within the organization’s network. Which of the following would BEST meet the CIO and CRO’s requirements?

A. Software as a Service

B. Infrastructure as a Service

C. Platform as a Service

D. Hosted virtualization service

A

Software as a Service

93
Q

Which of the following security benefits would be gained by disabling a terminated user account rather than deleting it?

A. Retention of user keys

B. Increased logging on access attempts

C. Retention of user directories and files

D. Access to quarantined files

A

Retention of user keys

94
Q

Layer 7 devices used to prevent specific types of HTML tags are called:

A. Firewalls

B. Content filters

C. Routers

D. NIDS

A

Content filters

95
Q

Internet banking customers currently use an account number and password to access their online accounts. The bank wants to improve security on high value transfers by implementing a system which calls users back on a mobile phone to authenticate the transaction with voice verification. Which of the following authentication factors are being used by the bank?

A. Something you know, something you do, and something you have

B. Something you do, somewhere you are, and something you have

C. Something you are, something you do and something you know

D. Something you have, something you are, and something you know

A

Something you are, something you do and something you know

96
Q

A recent audit has revealed weaknesses in the process of deploying new servers and network devices. Which of the following practices could be used to increase the security posture during deployment? (Select TWO).

A. Deploy a honeypot

B. Disable unnecessary services

C. Change default passwords

D. Implement an application firewall

E. Penetration testing

A

Disable unnecessary services

Change default passwords

97
Q

Ann, an employee, is visiting Peter, an employee in the Human Resources Department. While talking to Peter, Ann notices a spreadsheet open on Peter’s computer that lists the salaries of all employees in her department. Which of the following forms of social engineering would BEST describe this situation?

A. Impersonation

B. Dumpster diving

C. Tailgating

D. Shoulder surfing

A

Shoulder surfing

98
Q

A video surveillance audit recently uncovered that an employee plugged in a personal laptop and used the corporate network to browse inappropriate and potentially malicious websites after office hours. Which of the following could BEST prevent a situation like this from occurring again?

A. Intrusion detection

B. Content filtering

C. Port security

D. Vulnerability scanning

A

Port security

99
Q

Which of the following devices would be MOST useful to ensure availability when there are a large number of requests to a certain website?

A. Protocol analyzer

B. Load balancer

C. VPN concentrator

D. Web security gateway

A

Load balancer

100
Q

Which of the following tools would a security administrator use in order to identify all running services throughout an organization?

A. Architectural review

B. Penetration test

C. Port scanner

D. Design review

A

Port scanner