Deck I Flashcards

1
Q

Ann would like to forward some Personally Identifiable Information to her HR department by email, but she is worried about the confidentiality of the information. Which of the following will accomplish this task securely?

A. Digital Signatures

B. Hashing

C. Secret Key

D. Encryption

A

Encryption

2
Q

According to company policy an administrator must logically keep the Human Resources department separated from the Accounting department. Which of the following would be the simplest way to accomplish this?

A. NIDS

B. DMZ

C. NAT

D. VLAN

A

VLAN

3
Q

Which of the following design components is used to isolate network devices such as web servers?

A. VLAN

B. VPN

C. NAT

D. DMZ

A

DMZ

4
Q

Which of the following authentication protocols makes use of UDP for its services?

A. RADIUS

B. TACACS+

C. LDAP

D. XTACACS

A

RADIUS

5
Q

Jane, an IT security technician, needs to create a way to secure company mobile devices. Which of the following BEST meets this need?

A. Implement voice encryption, pop-up blockers, and host-based firewalls.

B. Implement firewalls, network access control, and strong passwords.

C. Implement screen locks, device encryption, and remote wipe capabilities.

D. Implement application patch management, antivirus, and locking cabinets.

A

Implement screen locks, device encryption, and remote wipe capabilities.

6
Q

Emily, the security administrator, must configure the corporate firewall to allow all private IP addresses on the internal interface of the firewall to be translated to one public IP address on the external interface of the same firewall. Which of the following should Emily configure?

A. PAT

B. NAP

C. DNAT

D. NAC

A

PAT

7
Q

Which of the following is an attack designed to activate based on time?

A. Logic Bomb

B. Backdoor

C. Trojan

D. Rootkit

A

Logic Bomb

8
Q

Which of the following provides the HIGHEST level of confidentiality on a wireless network?

A. Disabling SSID broadcast

B. MAC filtering

C. WPA2

D. Packet switching

A

WPA2

9
Q

Which of the following IP addresses would be hosts on the same subnet given the subnet mask 255.255.255.224? (Select TWO).

A. 10.4.4.125

B. 10.4.4.158

C. 10.4.4.165

D. 10.4.4.189

E. 10.4.4.199

A
10.4.4.165

10.4.4.189
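Added example, not part of the deck: the subnet arithmetic behind card 9, done with Python's standard ipaddress module. A mask of 255.255.255.224 has 27 one-bits, so each subnet covers a block of 32 addresses in the last octet; grouping the five candidates by their network address shows which two share a block. The functions take any dotted-decimal mask, not just this one, and the candidate list is the card's.

```python
import ipaddress

# Input from the card: the five candidate hosts and the /27 mask.
MASK = "255.255.255.224"
CANDIDATES = ["10.4.4.125", "10.4.4.158", "10.4.4.165", "10.4.4.189", "10.4.4.199"]


def prefix_length(mask: str) -> int:
    """Count the one-bits in a dotted-decimal mask (255.255.255.224 -> 27)."""
    return bin(int(ipaddress.IPv4Address(mask))).count("1")


def network_of(host: str, mask: str) -> ipaddress.IPv4Network:
    """Return the subnet a host belongs to: host AND mask, as a network object.

    With a 27-bit mask the last octet is split into blocks of 32:
    .0-.31, .32-.63, .64-.95, .96-.127, .128-.159, .160-.191, .192-.223, .224-.255
    """
    # strict=False lets ipaddress zero the host bits instead of raising on them.
    return ipaddress.ip_network(f"{host}/{mask}", strict=False)


def same_subnet(a: str, b: str, mask: str) -> bool:
    """True when both addresses land in the same network under the mask."""
    return network_of(a, mask) == network_of(b, mask)


def group_by_subnet(hosts, mask):
    """Map each subnet (as 'network/prefix') to the hosts that fall inside it."""
    groups = {}
    for host in hosts:
        groups.setdefault(str(network_of(host, mask)), []).append(host)
    return groups


if __name__ == "__main__":
    bits = prefix_length(MASK)
    print(f"{MASK} is a /{bits}: blocks of {2 ** (32 - bits)} addresses")
    for net, members in sorted(group_by_subnet(CANDIDATES, MASK).items()):
        print(net, members)
```

Running it lists one subnet per candidate except 10.4.4.160/27, which holds both 10.4.4.165 and 10.4.4.189; 10.4.4.158 sits one block lower (.128-.159) and 10.4.4.199 one block higher (.192-.223).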

10
Q

A file on a Linux server has default permissions of rw-rw-r--. The system administrator has verified that Ann, a user, is not a member of the group owner of the file. Which of the following should be modified to assure that Ann has read access to the file?

A. User ownership information for the file in question

B. Directory permissions on the parent directory of the file in question

C. Group memberships for the group owner of the file in question

D. The file system access control list (FACL) for the file in question

A

Group memberships for the group owner of the file in question
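Added example, not the deck's own code: a small evaluator for how Linux resolves a symbolic mode string into the access a given user gets, following the order the kernel applies (owner, then a named-user ACL entry, then group, then other; the ACL mask entry is left out of this simplification). One point worth checking against the card: the mode as printed, rw-rw-r--, already grants read to "other", so Ann could read the file without any change; the intended answer assumes a group-only mode such as rw-rw----, where the group class is the only path to read and membership in the owning group (option C) is the lever. The owner, group and user names below are constructed.

```python
# Symbolic modes as shown by `ls -l`, without the leading file-type character.
CARD_MODE = "rw-rw-r--"

RWX_VALUES = {"r": 4, "w": 2, "x": 1}


def parse_mode(mode: str):
    """Split a 9-character symbolic mode into (owner, group, other) permission sets.

    A lowercase s or t in the execute slot means setuid/setgid/sticky *with* execute;
    uppercase S/T means the special bit is set but execute is not.
    """
    if len(mode) != 9:
        raise ValueError("expected 9 permission characters such as rw-rw-r--")
    classes = []
    for i in (0, 3, 6):
        r, w, x = mode[i], mode[i + 1], mode[i + 2]
        perms = set()
        if r == "r":
            perms.add("r")
        if w == "w":
            perms.add("w")
        if x in ("x", "s", "t"):
            perms.add("x")
        classes.append(frozenset(perms))
    return tuple(classes)


def mode_to_octal(mode: str) -> str:
    """rw-rw-r-- -> '664', the argument you would hand to chmod (special bits not encoded)."""
    return "".join(str(sum(RWX_VALUES[p] for p in cls)) for cls in parse_mode(mode))


def effective_perms(mode, owner, group, user, user_groups, acl=None):
    """Resolve the permission set `user` gets, in the order the kernel applies:
    1. owner class if the user owns the file,
    2. a named-user ACL entry for the user (setfacl -m u:user:perm), if one exists,
    3. group class if any of the user's groups is the file's owning group,
    4. other class.
    The ACL mask is omitted here; on a real system it caps steps 2 and 3.
    """
    owner_p, group_p, other_p = parse_mode(mode)
    if user == owner:
        return owner_p
    if acl and user in acl:
        return frozenset(acl[user])
    if group in set(user_groups):
        return group_p
    return other_p


def can_read(mode, owner, group, user, user_groups, acl=None) -> bool:
    return "r" in effective_perms(mode, owner, group, user, user_groups, acl)


if __name__ == "__main__":
    # Constructed names: the file is owned by root:hr and ann is only in 'users'.
    for m in (CARD_MODE, "rw-rw----"):
        print(m, mode_to_octal(m),
              "| ann reads:", can_read(m, "root", "hr", "ann", {"users"}),
              "| after adding ann to hr:", can_read(m, "root", "hr", "ann", {"users", "hr"}),
              "| via ACL u:ann:r--:", can_read(m, "root", "hr", "ann", {"users"}, {"ann": "r"}))
```

The second mode line is the case the card is really about: with rw-rw---- (660) Ann gets nothing until either she is added to the hr group (option C) or a named-user ACL entry is set for her (option D); the group change is the one that keeps the file's own permissions untouched.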

11
Q

Which of the following are examples of network segmentation? (Select TWO).

A. IDS

B. IaaS

C. DMZ

D. Subnet

E. IPS

A

DMZ

Subnet

12
Q

Which of the following provides the BEST application availability and is easily expanded as demand grows?

A. Server virtualization

B. Load balancing

C. Active-Passive Cluster

D. RAID 6

A

Load balancing

13
Q

Which of the following protocols provides for mutual authentication of the client and server?

A. Two-factor authentication

B. Radius

C. Secure LDAP

D. Biometrics

A

Secure LDAP

14
Q

When confidentiality is the primary concern, and a secure channel for key exchange is not available, which of the following should be used for transmitting company documents?

A. Digital Signature

B. Symmetric

C. Asymmetric

D. Hashing

A

Asymmetric

15
Q

Which of the following is being tested when a company’s payroll server is powered off for eight hours?

A. Succession plan

B. Business impact document

C. Continuity of operations plan

D. Risk assessment plan

A

Continuity of operations plan

16
Q

Which of the following is BEST at blocking attacks and providing security at layer 7 of the OSI model?

A. WAF

B. NIDS

C. Routers

D. Switches

A

WAF

17
Q

Which of the following should be enabled in a laptop’s BIOS prior to full disk encryption?

A. USB

B. HSM

C. RAID

D. TPM

A

TPM

18
Q

A company with a US-based sales force has requested that the VPN system be configured to authenticate the sales team based on their username, password and a client side certificate.
Additionally, the security administrator has restricted the VPN to only allow authentication from the US territory. How many authentication factors are in use by the VPN system?

A. 1

B. 2

C. 3

D. 4

A

3

19
Q

A group policy requires users in an organization to use strong passwords that must be changed every 15 days. Peter and Ann were hired 16 days ago. When Peter logs into the network, he is prompted to change his password; when Ann logs into the network, she is not prompted to change her password. Which of the following BEST explains why Ann is not required to change her password?

A. Ann’s user account has administrator privileges.

B. Peter’s user account was not added to the group policy.

C. Ann’s user account was not added to the group policy.

D. Peter’s user account was inadvertently disabled and must be re-created.

A

Ann’s user account was not added to the group policy.

20
Q

A company is installing a new security measure that would allow one person at a time to be authenticated to an area without human interaction. Which of the following does this describe?

A. Fencing

B. Mantrap

C. A guard

D. Video surveillance

A

Mantrap

21
Q

Which of the following techniques can be used to prevent the disclosure of system information resulting from arbitrary inputs when implemented properly?

A. Fuzzing

B. Patch management

C. Error handling

D. Strong passwords

A

Error handling

22
Q

A Human Resources user is issued a virtual desktop typically assigned to Accounting employees. A system administrator wants to disable certain services and remove the local accounting groups installed by default on this virtual machine. The system administrator is adhering to which of the following security best practices?

A. Black listing applications

B. Operating System hardening

C. Mandatory Access Control

D. Patch Management

A

Operating System hardening

23
Q

Which of the following security concepts can prevent a user from logging on from home during the weekends?

A. Time of day restrictions

B. Multifactor authentication

C. Implicit deny

D. Common access card

A

Time of day restrictions

24
Q

Which of the following is a concern when encrypting wireless data with WEP?

A. WEP displays the plain text entire key when wireless packet captures are reassembled

B. WEP implements weak initialization vectors for key transmission

C. WEP uses a very weak encryption algorithm

D. WEP allows for only four pre-shared keys to be configured

A

WEP implements weak initialization vectors for key transmission

25
Q

The practice of marking open wireless access points is called which of the following?

A. War dialing

B. War chalking

C. War driving

D. Evil twin

A

War chalking

26
Q

Which of the following BEST describes a demilitarized zone?

A. A buffer zone between protected and unprotected networks.

B. A network where all servers exist and are monitored.

C. A sterile, isolated network segment with access lists.

D. A private network that is protected by a firewall and a VLAN.

A

A buffer zone between protected and unprotected networks.

27
Q

XYZ Corporation is about to purchase another company to expand its operations. The CEO is concerned about information leaking out, especially with the cleaning crew that comes in at night.
The CEO would like to ensure no paper files are leaked. Which of the following is the BEST policy to implement?

A. Social media policy

B. Data retention policy

C. CCTV policy

D. Clean desk policy

A

Clean desk policy

28
Q

Matt, the IT Manager, wants to create a new network available to virtual servers on the same hypervisor, and does not want this network to be routable to the firewall. How could this BEST be accomplished?

A. Create a VLAN without a default gateway.

B. Remove the network from the routing table.

C. Create a virtual switch.

D. Commission a stand-alone switch.

A

Create a virtual switch.

29
Q

Which of the following is the BEST technology for the sender to use in order to secure the in-band exchange of a shared key?

A. Steganography

B. Hashing algorithm

C. Asymmetric cryptography

D. Stream cipher

A

Asymmetric cryptography

30
Q

Which of the following ports is used for SSH, by default?

A. 23

B. 32

C. 12

D. 22

A

22

31
Q

A security administrator wants to get a real time look at what attackers are doing in the wild, hoping to lower the risk of zero-day attacks. Which of the following should be used to accomplish this goal?

A. Penetration testing

B. Honeynets

C. Vulnerability scanning

D. Baseline reporting

A

Honeynets

32
Q

When a new network drop was installed, the cable was run across several fluorescent lights. The users of the new network drop experience intermittent connectivity. Which of the following environmental controls was MOST likely overlooked during installation?

A. Humidity sensors

B. EMI shielding

C. Channel interference

D. Cable kinking

A

EMI shielding

33
Q

A company requires that a user’s credentials include providing something they know and something they are in order to gain access to the network. Which of the following types of authentication is being described?

A. Biometrics

B. Kerberos

C. Token

D. Two-factor

A

Two-factor

34
Q

Highly sensitive data is stored in a database and is accessed by an application on a DMZ server. The disk drives on all servers are fully encrypted. Communication between the application server and end-users is also encrypted. Network ACLs prevent any connections to the database server except from the application server. Which of the following can still result in exposure of the sensitive data in the database server?

A. SQL Injection

B. Theft of the physical database server

C. Cookies

D. Cross-site scripting

A

SQL Injection

35
Q

While configuring a new access layer switch, the administrator, Peter, was advised that he needed to make sure that only devices authorized to access the network would be permitted to login and utilize resources. Which of the following should the administrator implement to ensure this happens?

A. Log Analysis

B. VLAN Management

C. Network separation

D. 802.1x

A

802.1x

36
Q

What is a system that is intended or designed to be broken into by an attacker?

A. Honeypot

B. Honeybucket

C. Decoy

D. Spoofing system

A

Honeypot

37
Q

Peter, the system administrator, is performing an overnight system refresh of hundreds of user computers. The refresh has a strict timeframe and must have zero downtime during business hours. Which of the following should Peter take into consideration?

A. A disk-based image of every computer as they are being replaced.

B. A plan that skips every other replaced computer to limit the area of affected users.

C. An offsite contingency server farm that can act as a warm site should any issues appear.

D. A back-out strategy planned out anticipating any unforeseen problems that may arise.

A

A back-out strategy planned out anticipating any unforeseen problems that may arise.

38
Q

A network inventory discovery application requires non-privileged access to all hosts on a network for inventory of installed applications. A service account is created by the network inventory discovery application for accessing all hosts. Which of the following is the MOST efficient method for granting the account non-privileged access to the hosts?

A. Implement Group Policy to add the account to the users group on the hosts

B. Add the account to the Domain Administrator group

C. Add the account to the Users group on the hosts

D. Implement Group Policy to add the account to the Power Users group on the hosts.

A

Implement Group Policy to add the account to the users group on the hosts

39
Q

Peter, a user, in a coffee shop is checking his email over a wireless network. An attacker records the temporary credentials being passed to Peter’s browser. The attacker later uses the credentials to impersonate Peter and creates SPAM messages. Which of the following attacks allows for this impersonation?

A. XML injection

B. Directory traversal

C. Header manipulation

D. Session hijacking

A

Session hijacking

40
Q

Which of the following practices is used to mitigate a known security vulnerability?

A. Application fuzzing

B. Patch management

C. Password cracking

D. Auditing security logs

A

Patch management

41
Q

Which of the following is true about input validation in a client-server architecture, when data integrity is critical to the organization?

A. It should be enforced on the client side only.

B. It must be protected by SSL encryption.

C. It must rely on the user’s knowledge of the application.

D. It should be performed on the server side.

A

It should be performed on the server side.

42
Q

Which of the following would be MOST appropriate if an organization’s requirements mandate complete control over the data and applications stored in the cloud?

A. Hybrid cloud

B. Community cloud

C. Private cloud

D. Public cloud

A

Private cloud

43
Q

A system administrator has been instructed by the head of security to protect their data at-rest.
Which of the following would provide the strongest protection?

A. Prohibiting removable media

B. Incorporating a full-disk encryption system

C. Biometric controls on data center entry points

D. A host-based intrusion detection system

A

Incorporating a full-disk encryption system

44
Q

The administrator receives a call from an employee named Peter. Peter says the Internet is down and he is receiving a blank page when trying to connect to a popular sports website. The administrator asks Peter to try visiting a popular search engine site, which Peter reports as successful. Peter then says that he can get to the sports site on his phone. Which of the following might the administrator need to configure?

A. The access rules on the IDS

B. The pop up blocker in the employee’s browser

C. The sensitivity level of the spam filter

D. The default block page on the URL filter

A

The default block page on the URL filter

45
Q

Which of the following best practices makes a wireless network more difficult to find?

A. Implement MAC filtering

B. Use WPA2-PSK

C. Disable SSID broadcast

D. Power down unused WAPs

A

Disable SSID broadcast

46
Q

Use of a smart card to authenticate remote servers remains MOST susceptible to which of the following attacks?

A. Malicious code on the local system

B. Shoulder surfing

C. Brute force certificate cracking

D. Distributed dictionary attacks

A

Malicious code on the local system

47
Q

A business has set up a Customer Service kiosk within a shopping mall. The location will be staffed by an employee using a laptop during the mall business hours, but there are still concerns regarding the physical safety of the equipment while it is not in use. Which of the following controls would BEST address this security concern?

A. Host-based firewall

B. Cable locks

C. Locking cabinets

D. Surveillance video

A

Locking cabinets

48
Q

A security architect wishes to implement a wireless network with connectivity to the company’s internal network. Before they inform all employees that this network is being put in place, the architect wants to roll it out to a small test segment. Which of the following allows for greater secrecy about this network during this initial phase of implementation?

A. Disabling SSID broadcasting

B. Implementing WPA2 – TKIP

C. Implementing WPA2 – CCMP

D. Filtering test workstations by MAC address

A

Disabling SSID broadcasting

49
Q

A user has plugged in a wireless router from home with default configurations into a network jack at the office. This is known as:

A. an evil twin.

B. an IV attack.

C. a rogue access point.

D. an unauthorized entry point.

A

a rogue access point

50
Q

A security administrator wishes to change their wireless network so that IPSec is built into the protocol and NAT is no longer required for address range extension. Which of the following protocols should be used in this scenario?

A. WPA2

B. WPA

C. IPv6

D. IPv4

A

IPv6

51
Q

One of the system administrators at a company is assigned to maintain a secure computer lab. The administrator has rights to configure machines, install software, and perform user account maintenance. However, the administrator cannot add new computers to the domain, because that requires authorization from the Information Assurance Officer. This is an example of which of the following?

A. Mandatory access

B. Rule-based access control

C. Least privilege

D. Job rotation

A

Least privilege

52
Q

A security analyst needs to logon to the console to perform maintenance on a remote server. Which of the following protocols would provide secure access?

A. SCP

B. SSH

C. SFTP

D. HTTPS

A

SSH

53
Q

A user, Ann, is reporting to the company IT support group that her workstation screen is blank other than a window with a message requesting payment or else her hard drive will be formatted. Which of the following types of malware is on Ann’s workstation?

A. Trojan

B. Spyware

C. Adware

D. Ransomware

A

Ransomware

54
Q

The string:
' or 1=1--
Represents which of the following?

A. Bluejacking

B. Rogue access point

C. SQL Injection

D. Client-side attacks

A

SQL Injection
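Added example, not from the deck, serving cards 34, 41, 54 and 58 together: the string ' or 1=1-- run against a query assembled from strings versus a parameterised one, using Python's built-in sqlite3 module and a constructed two-row user table. The -- starts an SQL comment, so the rest of the original WHERE clause (the password check) is discarded and 1=1 makes the predicate true for every row. The allow-list check at the end is the server-side input validation cards 41 and 58 refer to. Passwords are stored in plain text only to keep the demonstration short; a real table holds salted hashes.

```python
import re
import sqlite3

PAYLOAD = "' or 1=1--"   # the string from the card


def make_db() -> sqlite3.Connection:
    """Constructed two-row user table in memory; not data from the deck."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "s3cret"), ("bob", "hunter2")])
    return conn


def build_vulnerable_sql(username: str, password: str) -> str:
    """The query as a string-concatenating application would assemble it."""
    return (f"SELECT username FROM users WHERE username = '{username}' "
            f"AND password = '{password}'")


def login_vulnerable(conn, username: str, password: str):
    """User input becomes part of the SQL text, so quotes and -- change its meaning.

    With username = ' or 1=1-- the statement becomes
      SELECT username FROM users WHERE username = '' or 1=1--' AND password = '...'
    Everything after -- is a comment, so the password check disappears and
    1=1 matches every row.
    """
    return [row[0] for row in conn.execute(build_vulnerable_sql(username, password))]


def login_safe(conn, username: str, password: str):
    """Parameterised query: the driver binds the values as data; the SQL text never changes."""
    sql = "SELECT username FROM users WHERE username = ? AND password = ?"
    return [row[0] for row in conn.execute(sql, (username, password))]


USERNAME_RE = re.compile(r"^[A-Za-z0-9_.-]{1,32}$")


def valid_username(username: str) -> bool:
    """Server-side allow-list validation (cards 41 and 58): reject anything outside
    the characters a username may contain, independent of how the query is built."""
    return USERNAME_RE.fullmatch(username) is not None


if __name__ == "__main__":
    db = make_db()
    print(build_vulnerable_sql(PAYLOAD, "x"))
    print("vulnerable:", login_vulnerable(db, PAYLOAD, "x"))   # every user
    print("parameterised:", login_safe(db, PAYLOAD, "x"))      # nobody
    print("passes validation:", valid_username(PAYLOAD))        # False
```

The same payload in the password field (username alice, password ' or 1=1--) also returns every row from the vulnerable function, which is why the fix is the parameterised query rather than escaping one particular field.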

55
Q

Peter, the system administrator, wishes to monitor and limit users’ access to external websites.
Which of the following would BEST address this?

A. Block all traffic on port 80.

B. Implement NIDS.

C. Use server load balancers.

D. Install a proxy server.

A

Install a proxy server.

56
Q

A security administrator needs to image a large hard drive for forensic analysis. Which of the following will allow for faster imaging to a second hard drive?

A. cp /dev/sda /dev/sdb bs=8k

B. tail -f /dev/sda > /dev/sdb bs=8k

C. dd if=/dev/sda of=/dev/sdb bs=4k

D. locate /dev/sda /dev/sdb bs=4k

A

dd if=/dev/sda of=/dev/sdb bs=4k

57
Q

Which of the following would Jane, an administrator, use to detect an unknown security vulnerability?

A. Patch management

B. Application fuzzing

C. ID badge

D. Application configuration baseline

A

Application fuzzing

58
Q

Without validating user input, an application becomes vulnerable to all of the following EXCEPT:

A. Buffer overflow.

B. Command injection.

C. Spear phishing.

D. SQL injection.

A

Spear phishing

59
Q

An organization has introduced token-based authentication to system administrators due to risk of password compromise. The tokens have a set of numbers that automatically change every 30 seconds. Which of the following type of authentication mechanism is this?

A. TOTP

B. Smart card

C. CHAP

D. HOTP

A

TOTP

60
Q

A network administrator has identified port 21 being open and the lack of an IDS as a potential risk to the company. Due to budget constraints, FTP is the only option the company can use to transfer data, and network equipment cannot be purchased. Which of the following is this known as?

A. Risk transference

B. Risk deterrence

C. Risk acceptance

D. Risk avoidance

A

Risk acceptance

61
Q

Which of the following MUST be updated immediately when an employee is terminated to prevent unauthorized access?

A. Registration

B. CA

C. CRL

D. Recovery agent

A

CRL

62
Q

Ann, a newly hired human resource employee, sent out confidential emails with digital signatures, to an unintended group. Which of the following would prevent her from denying accountability?

A. Email Encryption

B. Steganography

C. Non-repudiation

D. Access Control

A

Non-repudiation

63
Q

Various network outages have occurred recently due to unapproved changes to network and security devices. All changes were made using various system credentials. The security analyst has been tasked to update the security policy. Which of the following risk mitigation strategies would also need to be implemented to reduce the number of network outages due to unauthorized changes?

A. User rights and permissions review

B. Configuration management

C. Incident management

D. Implement security controls on Layer 3 devices

A

User rights and permissions review

64
Q

Users require access to a certain server depending on their job function. Which of the following would be the MOST appropriate strategy for securing the server?

A. Common access card

B. Role based access control

C. Discretionary access control

D. Mandatory access control

A

Role based access control

65
Q

Which of the following ciphers would be BEST used to encrypt streaming video?

A. RSA

B. RC4

C. SHA1

D. 3DES

A

RC4

66
Q

A user has forgotten their account password. Which of the following is the BEST recovery strategy?

A. Upgrade the authentication system to use biometrics instead.

B. Temporarily disable password complexity requirements.

C. Set a temporary password that expires upon first use.

D. Retrieve the user password from the credentials database.

A

Set a temporary password that expires upon first use.

67
Q

Which of the following would satisfy wireless network implementation requirements to use mutual authentication and usernames and passwords?

A. EAP-MD5

B. WEP

C. PEAP-MSCHAPv2

D. EAP-TLS

A

PEAP-MSCHAPv2

68
Q

After encrypting all laptop hard drives, an executive officer’s laptop has trouble booting to the operating system. Now that it is successfully encrypted the helpdesk cannot retrieve the data.
Which of the following can be used to decrypt the information for retrieval?

A. Recovery agent

B. Private key

C. Trust models

D. Public key

A

Recovery agent

69
Q

Peter, a security analyst, asks each employee of an organization to sign a statement saying that they understand how their activities may be monitored. Which of the following BEST describes this statement? (Select TWO).

A. Acceptable use policy

B. Risk acceptance policy

C. Privacy policy

D. Email policy

E. Security policy

A

Acceptable use policy

Privacy policy

70
Q

Which of the following provides dedicated hardware-based cryptographic functions to an operating system and its applications running on laptops and desktops?

A. TPM

B. HSM

C. CPU

D. FPU

A

TPM

71
Q

Jane has implemented an array of four servers to accomplish one specific task. This is BEST known as which of the following?

A. Clustering

B. RAID

C. Load balancing

D. Virtualization

A

Clustering

72
Q

An administrator has advised against the use of Bluetooth phones due to bluesnarfing concerns.
Which of the following is an example of this threat?

A. An attacker using the phone remotely for spoofing other phone numbers

B. Unauthorized intrusions into the phone to access data

C. The Bluetooth enabled phone causing signal interference with the network

D. An attacker using exploits that allow the phone to be disabled

A

Unauthorized intrusions into the phone to access data

73
Q

Users can authenticate to a company’s web applications using their credentials from a popular social media site. Which of the following poses the greatest risk with this integration?

A. Malicious users can exploit local corporate credentials with their social media credentials

B. Changes to passwords on the social media site can be delayed from replicating to the company

C. Data loss from the corporate servers can create legal liabilities with the social media site

D. Password breaches to the social media site affect the company application as well

A

Password breaches to the social media site affect the company application as well

74
Q

Signed digital certificates used to secure communication with a web server are MOST commonly associated with which of the following ports?

A. 25

B. 53

C. 143

D. 443

A

443

75
Q

A security manager must remain aware of the security posture of each system. Which of the following supports this requirement?

A. Training staff on security policies

B. Establishing baseline reporting

C. Installing anti-malware software

D. Disabling unnecessary accounts/services

A

Establishing baseline reporting

76
Q

Account lockout is a mitigation strategy used by Jane, the administrator, to combat which of the following attacks? (Select TWO).

A. Spoofing

B. Man-in-the-middle

C. Dictionary

D. Brute force

E. Privilege escalation

A

Dictionary

Brute force

77
Q

The security officer is preparing a read-only USB stick with a document of important personal phone numbers, vendor contacts, an MD5 program, and other tools to provide to employees. At which of the following points in an incident should the officer instruct employees to use this information?

A. Business Impact Analysis

B. First Responder

C. Damage and Loss Control

D. Contingency Planning

A

First Responder

78
Q

A security administrator must implement a firewall rule to allow remote employees to VPN onto the company network. The VPN concentrator implements SSL VPN over the standard HTTPS port. Which of the following is the MOST secure ACL to implement at the company’s gateway firewall?

A. PERMIT TCP FROM ANY 443 TO 199.70.5.25 443

B. PERMIT TCP FROM ANY ANY TO 199.70.5.23 ANY

C. PERMIT TCP FROM 199.70.5.23 ANY TO ANY ANY

D. PERMIT TCP FROM ANY 1024-65535 TO 199.70.5.23 443

A

PERMIT TCP FROM ANY 1024-65535 TO 199.70.5.23 443
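Added example, not from the deck: a small evaluator for the ACL syntax in card 78, run over three constructed packets (addresses taken from the documentation ranges): a remote employee's SSL VPN connection from an ephemeral source port to 199.70.5.23:443, an SSH probe at the same host, and an outbound connection sourced from the concentrator. Only option D admits the first and rejects the other two. B admits anything aimed at the concentrator, C is a rule for traffic leaving it, and A requires a source port of 443, which real clients do not use, and also names a different host, 199.70.5.25.

```python
from ipaddress import ip_address

# The four candidate rules from the card, keyed by option letter.
RULES = {
    "A": "PERMIT TCP FROM ANY 443 TO 199.70.5.25 443",
    "B": "PERMIT TCP FROM ANY ANY TO 199.70.5.23 ANY",
    "C": "PERMIT TCP FROM 199.70.5.23 ANY TO ANY ANY",
    "D": "PERMIT TCP FROM ANY 1024-65535 TO 199.70.5.23 443",
}

# Constructed packets described as 5-tuples (proto, src, sport, dst, dport).
VPN_CLIENT = {"proto": "tcp", "src": "203.0.113.7", "sport": 51515, "dst": "199.70.5.23", "dport": 443}
SSH_PROBE = {"proto": "tcp", "src": "203.0.113.7", "sport": 51516, "dst": "199.70.5.23", "dport": 22}
OUTBOUND = {"proto": "tcp", "src": "199.70.5.23", "sport": 40000, "dst": "198.51.100.9", "dport": 25}


def parse_rule(text: str) -> dict:
    """PERMIT <proto> FROM <src> <sport> TO <dst> <dport>; addresses are ANY or an
    IPv4 address, ports are ANY, a single number, or an inclusive range N-M."""
    parts = text.split()
    if len(parts) != 8 or parts[0] != "PERMIT" or parts[2] != "FROM" or parts[5] != "TO":
        raise ValueError(f"unrecognised rule: {text!r}")
    return {"proto": parts[1].lower(), "src": parts[3], "sport": parts[4],
            "dst": parts[6], "dport": parts[7]}


def addr_matches(spec: str, addr: str) -> bool:
    return spec == "ANY" or ip_address(spec) == ip_address(addr)


def port_matches(spec: str, port: int) -> bool:
    if spec == "ANY":
        return True
    if "-" in spec:
        low, high = (int(x) for x in spec.split("-", 1))
        return low <= port <= high
    return int(spec) == port


def permits(rule_text: str, pkt: dict) -> bool:
    """True when the packet matches every field of the rule; anything else is implicitly denied."""
    r = parse_rule(rule_text)
    return (r["proto"] == pkt["proto"]
            and addr_matches(r["src"], pkt["src"]) and port_matches(r["sport"], pkt["sport"])
            and addr_matches(r["dst"], pkt["dst"]) and port_matches(r["dport"], pkt["dport"]))


def rules_permitting(pkt: dict) -> list:
    """Option letters whose rule would let this packet through."""
    return sorted(letter for letter, text in RULES.items() if permits(text, pkt))


if __name__ == "__main__":
    for name, pkt in (("VPN client", VPN_CLIENT), ("SSH probe", SSH_PROBE), ("outbound", OUTBOUND)):
        print(f"{name:10s} permitted by: {rules_permitting(pkt)}")
```

The 1024-65535 source range in option D is the practical encoding of "a client connection": clients pick ephemeral ports, so a packet claiming a low source port toward 443 is either misconfigured or crafted, and the rule drops it.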

79
Q

Which of the following would an attacker use to penetrate and capture additional traffic prior to performing an IV attack?

A. DNS poisoning

B. DDoS

C. Replay attack

D. Dictionary attacks

A

Replay attack

80
Q

Which of the following will help prevent smurf attacks?

A. Allowing necessary UDP packets in and out of the network

B. Disabling directed broadcast on border routers

C. Disabling unused services on the gateway firewall

D. Flash the BIOS with the latest firmware

A

Disabling directed broadcast on border routers

81
Q

An agent wants to create fast and efficient cryptographic keys to use with Diffie-Hellman without using prime numbers to generate the keys. Which of the following should be used?

A. Elliptic curve cryptography

B. Quantum cryptography

C. Public key cryptography

D. Symmetric cryptography

A

Elliptic curve cryptography

82
Q

A security administrator wants to test the reliability of an application which accepts user provided parameters. The administrator is concerned with data integrity and availability. Which of the following should be implemented to accomplish this task?

A. Secure coding

B. Fuzzing

C. Exception handling

D. Input validation

A

Fuzzing

83
Q

Ann, an employee, is cleaning out her desk and disposes of paperwork containing confidential customer information in a recycle bin without shredding it first. This is MOST likely to increase the risk of loss from which of the following attacks?

A. Shoulder surfing

B. Dumpster diving

C. Tailgating

D. Spoofing

A

Dumpster diving

84
Q

A network security engineer notices unusual traffic on the network from a single IP attempting to access systems on port 23. Port 23 is not used anywhere on the network. Which of the following should the engineer do to harden the network from this type of intrusion in the future?

A. Disable unnecessary services on servers

B. Disable unused accounts on servers and network devices

C. Implement password requirements on servers and network devices

D. Enable auditing on event logs

A

Disable unnecessary services on servers

85
Q

A malicious program modified entries in the LMHOSTS file of an infected system. Which of the following protocols would have been affected by this?

A. ICMP

B. BGP

C. NetBIOS

D. DNS

A

NetBIOS

86
Q

A security administrator has been tasked with setting up a new internal wireless network that must use end to end TLS. Which of the following may be used to meet this objective?

A. WPA

B. HTTPS

C. WEP

D. WPA2

A

WPA2

87
Q

Which of the following types of data encryption would Matt, a security administrator, use to encrypt a specific table?

A. Full disk

B. Individual files

C. Database

D. Removable media

A

Database

88
Q

Matt, the Chief Information Security Officer (CISO), tells the network administrator that a security company has been hired to perform a penetration test against his network. The security company asks Matt which type of testing would be most beneficial for him. Which of the following BEST describes what the security company might do during a black box test?

A. The security company is provided with all network ranges, security devices in place, and logical maps of the network.

B. The security company is provided with no information about the corporate network or physical locations.

C. The security company is provided with limited information on the network, including all network diagrams.

D. The security company is provided with limited information on the network, including some subnet ranges and logical network diagrams.

A

The security company is provided with no information about the corporate network or physical locations.

89
Q

An organization does not have adequate resources to administer its large infrastructure. A security administrator wishes to combine the security controls of some of the network devices in the organization. Which of the following methods would BEST accomplish this goal?

A. Unified Threat Management

B. Virtual Private Network

C. Single sign on

D. Role-based management

A

Unified Threat Management

90
Q

In which of the following categories would creating a corporate privacy policy, drafting acceptable use policies, and group based access control be classified?

A. Security control frameworks

B. Best practice

C. Access control methodologies

D. Compliance activity

A

Best practice

91
Q

A network administrator is responsible for securing applications against external attacks. Every month, the underlying operating system is updated. There is no process in place for other software updates.
Which of the following processes could MOST effectively mitigate these risks?

A. Application hardening

B. Application change management

C. Application patch management

D. Application firewall review

A

Application patch management

92
Q

A Windows-based computer is infected with malware and is running too slowly to boot and run a malware scanner. Which of the following is the BEST way to run the malware scanner?

A. Kill all system processes

B. Enable the firewall

C. Boot from CD/USB

D. Disable the network connection

A

Boot from CD/USB

93
Q

Which of the following should be done before resetting a user’s password due to expiration?

A. Verify the user’s domain membership.

B. Verify the user’s identity.

C. Advise the user of new policies.

D. Verify the proper group membership.

A

Verify the user's identity.

94
Q

An IT director is looking to reduce the footprint of their company’s server environment. They have decided to move several internally developed software applications to an alternate environment, supported by an external company. Which of the following BEST describes this arrangement?

A. Infrastructure as a Service

B. Storage as a Service

C. Platform as a Service

D. Software as a Service

A

Infrastructure as a Service

95
Q

Using proximity card readers instead of the traditional key punch doors would help to mitigate:

A. Impersonation

B. Tailgating

C. Dumpster diving

D. Shoulder surfing

A

Shoulder surfing (a keypad code can be watched and replayed; a proximity card carries no code for an onlooker to observe)

96
Q

Two programmers write a new secure application for the human resources department to store personally identifiable information. The programmers make the application available to themselves using an uncommon port along with an ID and password only they know. This is an example of which of the following?

A. Root Kit

B. Spyware

C. Logic Bomb

D. Backdoor

A

Backdoor

97
Q

Which of the following statements is MOST likely to be included in the security awareness training about P2P?

A. P2P is always used to download copyrighted material.

B. P2P can be used to improve computer system response.

C. P2P may prevent viruses from entering the network.

D. P2P may cause excessive network bandwidth consumption.

A

P2P may cause excessive network bandwidth consumption.

98
Q

A UNIX administrator would like to use native commands to provide a secure way of connecting to other devices remotely and to securely transfer files. Which of the following protocols could be utilized? (Select TWO).

A. RDP

B. SNMP

C. FTP

D. SCP

E. SSH

A

SCP

SSH

99
Q

A security analyst implemented group-based privileges within the company Active Directory. Which of the following account management techniques should be undertaken regularly to ensure least privilege principles?

A. Leverage role-based access controls.

B. Perform user group clean-up.

C. Verify smart card access controls.

D. Verify SHA-256 for password hashes.

A

Perform user group clean-up.
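What "group clean-up" actually has to catch is effective membership, not just the direct member list: nested groups quietly pull disabled, stale and service accounts into privileged groups. The following is an added example, not part of the original deck, that resolves nested membership from a constructed directory snapshot and reports the members that violate least privilege. GROUPS, USERS, TODAY and the 90-day STALE_DAYS threshold are all assumptions for illustration.

```python
from datetime import date

# Constructed directory snapshot (not a real domain). Each group lists its
# direct members; a member may itself be a group, which is how nesting quietly
# widens a privileged group over time.
GROUPS = {
    "Domain Admins":  {"alice", "Helpdesk Tier2"},
    "Helpdesk Tier2": {"bob", "svc_backup", "Contractors"},
    "Contractors":    {"carol", "dave"},
    "Finance":        {"erin", "bob"},
}
USERS = {
    "alice":      {"enabled": True,  "last_logon": date(2024, 5, 30)},
    "bob":        {"enabled": True,  "last_logon": date(2023, 11, 2)},
    "carol":      {"enabled": False, "last_logon": date(2023, 1, 15)},
    "dave":       {"enabled": True,  "last_logon": date(2024, 5, 28)},
    "erin":       {"enabled": True,  "last_logon": date(2024, 6, 1)},
    "svc_backup": {"enabled": True,  "last_logon": date(2024, 6, 1)},
}
TODAY = date(2024, 6, 3)   # assumed review date
STALE_DAYS = 90            # assumed policy threshold for "has not logged on"


def effective_members(group, groups):
    """Resolve nested membership: return {user: path} where path is the tuple of
    groups through which the user reaches `group`. Group cycles are tolerated."""
    result, visited = {}, set()
    stack = [(group, (group,))]
    while stack:
        g, path = stack.pop()
        if g in visited:
            continue
        visited.add(g)
        for member in sorted(groups.get(g, ())):
            if member in groups:
                stack.append((member, path + (member,)))
            else:
                result.setdefault(member, path)  # keep the first path found
    return result


def review_group(group, groups, users, today, stale_days):
    """List effective members of `group` that violate least privilege, with reasons."""
    findings = []
    for user, path in sorted(effective_members(group, groups).items()):
        info = users[user]
        idle = (today - info["last_logon"]).days
        reasons = []
        if not info["enabled"]:
            reasons.append("account is disabled")
        if idle > stale_days:
            reasons.append(f"no logon for {idle} days")
        if user.startswith("svc_"):
            reasons.append("service account placed in an admin group")
        if len(path) > 2:
            reasons.append(f"reaches the group through {len(path) - 1} nesting levels")
        if reasons:
            findings.append((user, " -> ".join(path), reasons))
    return findings


if __name__ == "__main__":
    for user, via, reasons in review_group("Domain Admins", GROUPS, USERS, TODAY, STALE_DAYS):
        print(f"{user:<11} via {via}: {'; '.join(reasons)}")
```

In a real domain the snapshot would come from an LDAP export or Get-ADGroupMember -Recursive; the point of the exercise is that only one of the five effective Domain Admins in this sample is a direct, active, non-service member.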

100
Q

An administrator wants to minimize the amount of time needed to perform backups during the week. It is also acceptable to the administrator for restoration to take an extended time frame.
Which of the following strategies would the administrator MOST likely implement?

A. Full backups on the weekend and incremental during the week

B. Full backups on the weekend and full backups every day

C. Incremental backups on the weekend and differential backups every day

D. Differential backups on the weekend and full backups every day

A

Full backups on the weekend and incremental during the week
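The trade-off behind this answer is the backup window versus the restore chain: an incremental set is the smallest thing written each night, but restoring Friday means reading the full plus every incremental since. The following is an added example, not part of the original deck, that simulates one weekly cycle for all three strategies. The 1000 GB data set and the per-day change figures are constructed, and the model assumes each day modifies distinct files so a differential grows by the whole daily amount.

```python
# Constructed weekly change profile (not measured on a real system). Day 0 is
# the weekend full backup; days 1-5 are the working week. Figures are GB of
# files modified that day, assumed to be distinct files each day so that a
# differential set grows by the full daily amount.
TOTAL_DATA_GB = 1000
DAILY_CHANGES_GB = {1: 30, 2: 20, 3: 25, 4: 15, 5: 10}


def plan(strategy, total_gb, daily_changes):
    """Simulate one weekly cycle.

    Returns (sizes, restore_sets): sizes[day] is GB written by that day's
    backup, restore_sets[day] is how many backup sets must be read back to
    rebuild the state as of that day.
    """
    sizes, restore_sets = {0: total_gb}, {0: 1}
    since_full = 0
    for day in sorted(daily_changes):
        delta = daily_changes[day]
        since_full += delta
        if strategy == "full":
            sizes[day], restore_sets[day] = total_gb, 1
        elif strategy == "differential":   # everything changed since the last full
            sizes[day], restore_sets[day] = since_full, 2
        elif strategy == "incremental":    # only what changed since the last backup
            sizes[day], restore_sets[day] = delta, 1 + day
        else:
            raise ValueError(f"unknown strategy {strategy!r}")
    return sizes, restore_sets


def restore_chain(strategy, day):
    """Which days' backup sets are needed, in order, to restore `day`.
    For incremental, losing any one set in this list breaks the restore."""
    if strategy == "full":
        return [day]
    if strategy == "differential":
        return [0] if day == 0 else [0, day]
    if strategy == "incremental":
        return list(range(day + 1))
    raise ValueError(f"unknown strategy {strategy!r}")


def weekly_totals(strategy, total_gb, daily_changes):
    """(GB written Mon-Fri, worst-case number of sets needed for a restore)."""
    sizes, restore_sets = plan(strategy, total_gb, daily_changes)
    weekday_gb = sum(gb for day, gb in sizes.items() if day != 0)
    return weekday_gb, max(restore_sets.values())


def rank_by_backup_window(total_gb, daily_changes):
    """Strategies ordered from least to most data written during the week."""
    return sorted(("full", "differential", "incremental"),
                  key=lambda s: weekly_totals(s, total_gb, daily_changes)[0])


if __name__ == "__main__":
    for strategy in rank_by_backup_window(TOTAL_DATA_GB, DAILY_CHANGES_GB):
        gb, sets = weekly_totals(strategy, TOTAL_DATA_GB, DAILY_CHANGES_GB)
        print(f"{strategy:<12} writes {gb:>5} GB Mon-Fri, worst restore reads {sets} sets: "
              f"{restore_chain(strategy, 5)}")
```

With these figures incremental writes 100 GB across the week against 345 GB for differential and 5000 GB for daily fulls, which is why it wins when the backup window is the constraint; the price is a six-set restore on Friday, the "extended time frame" the question says is acceptable.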