Deck L Flashcards

1
Q

Peter, the compliance manager, wants to meet regulations. Peter would like certain ports blocked only on all computers that do credit card transactions. Which of the following should Peter implement to BEST achieve this goal?

A. A host-based intrusion prevention system

B. A host-based firewall

C. Antivirus update system

D. A network-based intrusion detection system

A

A host-based firewall

2
Q

Which of the following risks could IT management be mitigating by removing an all-in-one device?

A. Continuity of operations

B. Input validation

C. Single point of failure

D. Single sign on

A

Single point of failure

3
Q

A merchant acquirer has the need to store credit card numbers in a transactional database in a high performance environment. Which of the following BEST protects the credit card data?

A. Database field encryption

B. File-level encryption

C. Data loss prevention system

D. Full disk encryption

A

Database field encryption

4
Q

An administrator is investigating a system that may potentially be compromised, and sees the following log entries on the router.
*Jul 15 14:47:29.779:%Router1: list 101 permitted tcp 192.10.3.204(57222) (FastEthernet 0/3) -> 10.10.1.5 (6667), 3 packets.
*Jul 15 14:47:38.779:%Router1: list 101 permitted tcp 192.10.3.204(57222) (FastEthernet 0/3) -> 10.10.1.5 (6667), 6 packets.
*Jul 15 14:47:45.779:%Router1: list 101 permitted tcp 192.10.3.204(57222) (FastEthernet 0/3) -> 10.10.1.5 (6667), 8 packets.
Which of the following BEST describes the compromised system?

A. It is running a rogue web server

B. It is being used in a man-in-the-middle attack

C. It is participating in a botnet

D. It is an ARP poisoning attack

A

It is participating in a botnet

5
Q

A company wants to ensure that all aspects of data are protected when sending to other sites within the enterprise. Which of the following would ensure some type of encryption is performed while data is in transit?

A. SSH

B. SHA1

C. TPM

D. MD5

A

TPM

6
Q

Peter, an employee, is taking a taxi through a busy city and starts to receive unsolicited files sent to his smartphone. Which of the following is this an example of?

A. Vishing

B. Bluejacking

C. War Driving

D. SPIM

E. Bluesnarfing

A

Bluejacking

7
Q

Which of the following is a notification that an unusual condition exists and should be investigated?

A. Alert

B. Trend

C. Alarm

D. Trap

A

Alert

8
Q

A server with the IP address of 10.10.2.4 has been having intermittent connection issues. The logs show repeated connection attempts from the following IPs:
10.10.3.16
10.10.3.23
212.178.24.26
217.24.94.83
These attempts are overloading the server to the point that it cannot respond to traffic. Which of the following attacks is occurring?

A. XSS

B. DDoS

C. DoS

D. Xmas

A

DDoS

9
Q

Which of the following documents outlines the responsibility of both participants in an agreement between two organizations?

A. RFC

B. MOU

C. RFQ

D. SLA

A

MOU

10
Q

A small company can only afford to buy an all-in-one wireless router/switch. The company has 3 wireless BYOD users and 2 web servers without wireless access. Which of the following should the company configure to protect the servers from the user devices? (Select TWO).

A. Deny incoming connections to the outside router interface.

B. Change the default HTTP port

C. Implement EAP-TLS to establish mutual authentication

D. Disable the physical switch ports

E. Create a server VLAN

F. Create an ACL to access the server

A

Create a server VLAN

Create an ACL to access the server

11
Q

Ann, a security administrator at a call center, has been experiencing problems with users intentionally installing unapproved and occasionally malicious software on their computers. Due to the nature of their jobs, Ann cannot change their permissions. Which of the following would BEST alleviate her concerns?

A. Deploy a HIDS suite on the users’ computers to prevent application installation.

B. Maintain the baseline posture at the highest OS patch level.

C. Enable the pop-up blockers on the users’ browsers to prevent malware.

D. Create an approved application list and block anything not on it.

A

Create an approved application list and block anything not on it.

12
Q

The Chief Security Officer (CSO) for a datacenter in a hostile environment is concerned about protecting the facility from car bomb attacks. Which of the following BEST would protect the building from this threat? (Select two.)

A. Dogs

B. Fencing

C. CCTV

D. Guards

E. Bollards

F. Lighting

A

Fencing

Bollards

13
Q

Which of the following is the BEST way to prevent Cross-Site Request Forgery (XSRF) attacks?

A. Check the referrer field in the HTTP header

B. Disable Flash content

C. Use only cookies for authentication

D. Use only HTTPS URLs

A

Check the referrer field in the HTTP header

14
Q

A company is about to release a very large patch to its customers. An administrator is required to test patch installations several times prior to distributing them to customer PCs.
Which of the following should the administrator use to test the patching process quickly and often?

A. Create an incremental backup of an unpatched PC

B. Create an image of a patched PC and replicate it to servers

C. Create a full disk image to restore after each installation

D. Create a virtualized sandbox and utilize snapshots

A

Create a virtualized sandbox and utilize snapshots

15
Q

Which of the following is the GREATEST security risk of two or more companies working together under a Memorandum of Understanding?

A. Budgetary considerations may not have been written into the MOU, leaving an entity to absorb more cost than intended at signing.

B. MOUs have strict policies in place for services performed between the entities and the penalties for compromising a partner are high.

C. MOUs are generally loose agreements and therefore may not have strict guidelines in place to protect sensitive data between the two entities.

D. MOUs between two companies working together cannot be held to the same legal standards as SLAs.

A

MOUs are generally loose agreements and therefore may not have strict guidelines in place to protect sensitive data between the two entities.

16
Q

A company’s employees were victims of a spear phishing campaign impersonating the CEO. The company would now like to implement a solution to improve the overall security posture by assuring their employees that email originated from the CEO. Which of the following controls could they implement to BEST meet this goal?

A. Spam filter

B. Digital signatures

C. Antivirus software

D. Digital certificates

A

Digital signatures

17
Q

A user has received an email from an external source which asks for details on the company’s new product line set for release in one month. The user has a detailed spec sheet but it is marked “Internal Proprietary Information”. Which of the following should the user do NEXT?

A. Contact their manager and request guidance on how to best move forward

B. Contact the help desk and/or incident response team to determine next steps

C. Provide the requestor with the email information since it will be released soon anyway

D. Reply back to the requestor to gain their contact information and call them

A

Contact the help desk and/or incident response team to determine next steps

18
Q

Which of the following describes the process of removing unnecessary accounts and services from an application to reduce risk exposure?

A. Error and exception handling

B. Application hardening

C. Application patch management

D. Cross-site script prevention

A

Application hardening

19
Q

Privilege creep among long-term employees can be mitigated by which of the following procedures?

A. User permission reviews

B. Mandatory vacations

C. Separation of duties

D. Job function rotation

A

User permission reviews

20
Q

Peter, a security administrator, has observed repeated attempts to break into the network. Which of the following is designed to stop an intrusion on the network?

A. NIPS

B. HIDS

C. HIPS

D. NIDS

A

NIPS

21
Q

Due to issues with building keys being duplicated and distributed, a security administrator wishes to change to a different security control regarding a restricted area. The goal is to provide access based upon facial recognition. Which of the following will address this requirement?

A. Set up mantraps to avoid tailgating of approved users.

B. Place a guard at the entrance to approve access.

C. Install a fingerprint scanner at the entrance.

D. Implement proximity readers to scan users’ badges.

A

Place a guard at the entrance to approve access.

22
Q

Users are unable to connect to the web server at IP 192.168.0.20. Which of the following can be inferred of a firewall that is configured ONLY with the following ACL?
PERMIT TCP ANY HOST 192.168.0.10 EQ 80
PERMIT TCP ANY HOST 192.168.0.10 EQ 443

A. It implements stateful packet filtering.

B. It implements bottom-up processing.

C. It failed closed.

D. It implements an implicit deny.

A

It implements an implicit deny.

23
Q

Everyone in the accounting department has the ability to print and sign checks. Internal audit has asked that only one group of employees may print checks while only two other employees may sign the checks. Which of the following concepts would enforce this process?

A. Separation of Duties

B. Mandatory Vacations

C. Discretionary Access Control

D. Job Rotation

A

Separation of Duties

24
Q

A new intern was assigned to the system engineering department, which consists of the system architect and system software developer’s teams. These two teams have separate privileges. The intern requires privileges to view the system architectural drawings and comment on some software development projects. Which of the following methods should the system administrator implement?

A. Group based privileges

B. Generic account prohibition

C. User access review

D. Credential management

A

Group based privileges

25
Q

A software developer wants to prevent stored passwords from being easily decrypted. When the password is stored by the application, additional text is added to each password before the password is hashed. This technique is known as:

A. Symmetric cryptography.

B. Private key cryptography.

C. Salting.

D. Rainbow tables.

A

Salting

26
Q

Peter, a user, reports to the system administrator that he is receiving an error stating his certificate has been revoked. Which of the following is the name of the database repository for these certificates?

A. CSR

B. OCSP

C. CA

D. CRL

A

CRL

27
Q

Jane, a security administrator, needs to implement a secure wireless authentication method that uses a remote RADIUS server for authentication.
Which of the following is an authentication method Jane should use?

A. WPA2-PSK

B. WEP-PSK

C. CCMP

D. LEAP

A

LEAP

28
Q

A new mobile banking application is being developed and uses SSL / TLS certificates but penetration tests show that it is still vulnerable to man-in-the-middle attacks, such as DNS hijacking. Which of the following would mitigate this attack?

A. Certificate revocation

B. Key escrow

C. Public key infrastructure

D. Certificate pinning

A

Certificate pinning

29
Q

Users report that after downloading several applications, their systems’ performance has noticeably decreased. Which of the following would be used to validate programs prior to installing them?

A. Whole disk encryption

B. SSH

C. Telnet

D. MD5

A

MD5

30
Q

A large bank has moved back office operations offshore to another country with lower wage costs in an attempt to improve profit and productivity. Which of the following would be a customer concern if the offshore staff had direct access to their data?

A. Service level agreements

B. Interoperability agreements

C. Privacy considerations

D. Data ownership

A

Privacy considerations

31
Q

An organization is implementing a password management application which requires that all local administrator passwords be stored and automatically managed. Auditors will be responsible for monitoring activities in the application by reviewing the logs. Which of the following security controls is the BEST option to prevent auditors from accessing or modifying passwords in the application?

A. Time of day restrictions

B. Create user accounts for the auditors and assign read-only access

C. Mandatory access control

D. Role-based access with read-only

A

Role-based access with read-only

32
Q

A security administrator discovers an image file that has several plain text documents hidden in the file. Which of the following security goals is met by camouflaging data inside of other files?

A. Integrity

B. Confidentiality

C. Steganography

D. Availability

A

Steganography

33
Q

The database server used by the payroll system crashed at 3 PM and payroll is due at 5 PM. Which of the following metrics is MOST important in this instance?

A. ARO

B. SLE

C. MTTR

D. MTBF

A

MTTR

34
Q

Which of the following is the MOST intrusive type of testing against a production system?

A. White box testing

B. War dialing

C. Vulnerability testing

D. Penetration testing

A

Penetration testing

35
Q

The Chief Information Officer (CIO) receives an anonymous threatening message that says “beware of the 1st of the year”. The CIO suspects the message may be from a former disgruntled employee planning an attack.
Which of the following should the CIO be concerned with?

A. Smurf Attack

B. Trojan

C. Logic bomb

D. Virus

A

Logic bomb

36
Q

Which of the following types of attacks involves interception of authentication traffic in an attempt to gain unauthorized access to a wireless network?

A. Near field communication

B. IV attack

C. Evil twin

D. Replay attack

A

IV attack

37
Q

After a recent internal audit, the security administrator was tasked to ensure that all credentials must be changed within 90 days, cannot be repeated, and cannot contain any dictionary words or patterns. All credentials will remain enabled regardless of the number of attempts made. Which of the following types of user account options were enforced? (Select TWO).

A. Recovery

B. User assigned privileges

C. Lockout

D. Disablement

E. Group based privileges

F. Password expiration

G. Password complexity

A

Password expiration

Password complexity

38
Q

Encryption used by RADIUS is BEST described as:

A. Quantum

B. Elliptical curve

C. Asymmetric

D. Symmetric

A

Symmetric

39
Q

Which of the following types of authentication solutions use tickets to provide access to various resources from a central location?

A. Biometrics

B. PKI

C. ACLs

D. Kerberos

A

Kerberos

40
Q

The pre-sales engineering team needs to quickly provide accurate and up-to-date information to potential clients. This information includes design specifications and engineering data that is developed and stored using numerous applications across the enterprise. Which of the following authentication techniques is MOST appropriate?

A. Common access cards

B. TOTP

C. Single sign-on

D. HOTP

A

TOTP

41
Q

A router has a single Ethernet connection to a switch. In the router configuration, the Ethernet interface has three sub-interfaces, each configured with ACLs applied to them and 802.1q trunks.
Which of the following is MOST likely the reason for the sub-interfaces?

A. The network uses the subnet of 255.255.255.128.

B. The switch has several VLANs configured on it.

C. The sub-interfaces are configured for VoIP traffic.

D. The sub-interfaces each implement quality of service.

A

The switch has several VLANs configured on it.

42
Q

An Information Systems Security Officer (ISSO) has been placed in charge of a classified peer-to-peer network that cannot connect to the Internet. The ISSO can update the antivirus definitions manually, but which of the following steps is MOST important?

A. A full scan must be run on the network after the DAT file is installed.

B. The signatures must have a hash value equal to what is displayed on the vendor site.

C. The definition file must be updated within seven days.

D. All users must be logged off of the network prior to the installation of the definition file.

A

The signatures must have a hash value equal to what is displayed on the vendor site.

43
Q

A security administrator has been tasked to ensure access to all network equipment is controlled by a central server such as TACACS+. This type of implementation supports which of the following risk mitigation strategies?

A. User rights and permissions review

B. Change management

C. Data loss prevention

D. Implement procedures to prevent data theft

A

User rights and permissions review

44
Q

A security administrator plans on replacing a critical business application in five years. Recently, there was a security flaw discovered in the application that will cause the IT department to manually re-enable user accounts each month at a cost of $2,000. Patching the application today would cost $140,000 and take two months to implement. Which of the following should the security administrator do in regards to the application?

A. Avoid the risk to the user base allowing them to re-enable their own accounts

B. Mitigate the risk by patching the application to increase security and saving money

C. Transfer the risk replacing the application now instead of in five years

D. Accept the risk and continue to enable the accounts each month saving money

A

Accept the risk and continue to enable the accounts each month saving money

45
Q

An organization’s security policy states that users must authenticate using something you do. Which of the following would meet the objectives of the security policy?

A. Fingerprint analysis

B. Signature analysis

C. Swipe a badge

D. Password

A

Signature analysis

46
Q
Given the following list of corporate access points, which of the following attacks is MOST likely underway if the company wireless network uses the same wireless hardware throughout? 
MAC                 SID
00:01:AB:FA:CD:34   Corporate AP
00:01:AB:FA:CD:35   Corporate AP
00:01:AB:FA:CD:36   Corporate AP
00:01:AB:FA:CD:37   Corporate AP
00:01:AB:FA:CD:34   Corporate AP

A. Packet sniffing

B. Evil Twin

C. WPS attack

D. Rogue access point

A

Evil Twin

47
Q

Which of the following may significantly reduce data loss if multiple drives fail at the same time?

A. Virtualization

B. RAID

C. Load balancing

D. Server clustering

A

RAID

48
Q

Due to hardware limitation, a technician must implement a wireless encryption algorithm that uses the RC4 protocol. Which of the following is a wireless encryption solution that the technician should implement while ensuring the STRONGEST level of security?

A. WPA2-AES

B. 802.11ac

C. WPA-TKIP

D. WEP

A

WPA-TKIP

49
Q

Which of the following authentication services uses a ticket granting system to provide access?

A. RADIUS

B. LDAP

C. TACACS+

D. Kerberos

A

Kerberos

50
Q

A network administrator is configuring access control for the sales department which has high employee turnover. Which of the following is BEST suited when assigning user rights to individuals in the sales department?

A. Time of day restrictions

B. Group based privileges

C. User assigned privileges

D. Domain admin restrictions

A

Group based privileges

51
Q

A certificate authority takes which of the following actions in PKI?

A. Signs and verifies all infrastructure messages

B. Issues and signs all private keys

C. Publishes key escrow lists to CRLs

D. Issues and signs all root certificates

A

Issues and signs all root certificates

52
Q

Purchasing receives a phone call from a vendor asking for a payment over the phone. The phone number displayed on the caller ID matches the vendor’s number. When the purchasing agent asks to call the vendor back, they are given a different phone number with a different area code.
Which of the following attack types is this?

A. Hoax

B. Impersonation

C. Spear phishing

D. Whaling

A

Impersonation

53
Q

Peter, the security administrator, has determined that one of his web servers is under attack. Which of the following can help determine where the attack originated from?

A. Capture system image

B. Record time offset

C. Screenshots

D. Network sniffing

A

Network sniffing

54
Q

Ann, the software security engineer, works for a major software vendor. Which of the following practices should be implemented to help prevent race conditions, buffer overflows, and other similar vulnerabilities prior to each production release?

A. Product baseline report

B. Input validation

C. Patch regression testing

D. Code review

A

Code review

55
Q

In order for Emily, a client, to log on to her desktop computer, she must provide her username, password, and a four-digit PIN. Which of the following authentication methods is Emily using?

A. Three factor

B. Single factor

C. Two factor

D. Four factor

A

Single factor

56
Q

Emily, a security analyst, is trying to prove to management what costs they could incur if their customer database was breached. This database contains 250 records with PII. Studies show that the cost per record for a breach is $300. The likelihood that their database would be breached in the next year is only 5%. Which of the following is the ALE that Emily should report to management for a security breach?

A. $1,500

B. $3,750

C. $15,000

D. $75,000

A

$3,750

57
Q

After a number of highly publicized and embarrassing customer data leaks as a result of social engineering attacks by phone, the Chief Information Officer (CIO) has decided user training will reduce the risk of another data leak. Which of the following would be MOST effective in reducing data leaks in this situation?

A. Information Security Awareness

B. Social Media and BYOD

C. Data Handling and Disposal

D. Acceptable Use of IT Systems

A

Information Security Awareness

58
Q

Access mechanisms to data on encrypted USB hard drives must be implemented correctly otherwise:

A. user accounts may be inadvertently locked out.

B. data on the USB drive could be corrupted.

C. data on the hard drive will be vulnerable to log analysis.

D. the security controls on the USB drive can be bypassed.

A

the security controls on the USB drive can be bypassed.

59
Q

Matt, a developer, recently attended a workshop on a new application. The developer installs the new application on a production system to test the functionality. Which of the following is MOST likely affected?

A. Application design

B. Application security

C. Initial baseline configuration

D. Management of interfaces

A

Initial baseline configuration

60
Q

Which of the following would be used to identify the security posture of a network without actually exploiting any weaknesses?

A. Penetration test

B. Code review

C. Vulnerability scan

D. Brute Force scan

A

Vulnerability scan

61
Q

Which of the following can result in significant administrative overhead from incorrect reporting?

A. Job rotation

B. Acceptable usage policies

C. False positives

D. Mandatory vacations

A

False positives

62
Q

Which of the following should a company implement to BEST mitigate zero-day malicious code executing on employees’ computers?

A. Least privilege accounts

B. Host-based firewalls

C. Intrusion Detection Systems

D. Application whitelisting

A

Application whitelisting

63
Q

Which of the following would a security administrator implement in order to identify a problem between two systems that are not communicating properly?

A. Protocol analyzer

B. Baseline report

C. Risk assessment

D. Vulnerability scan

A

Protocol analyzer

64
Q

Which of the following was based on a previous X.500 specification and allows either unencrypted authentication or encrypted authentication through the use of TLS?

A. Kerberos

B. TACACS+

C. RADIUS

D. LDAP

A

LDAP

65
Q

Multi-tenancy is a concept found in which of the following?

A. Full disk encryption

B. Removable media

C. Cloud computing

D. Data loss prevention

A

Cloud computing

66
Q

A company has decided to move large data sets to a cloud provider in order to limit the costs of new infrastructure. Some of the data is sensitive and the Chief Information Officer wants to make sure both parties have a clear understanding of the controls needed to protect the data.
Which of the following types of interoperability agreement is this?

A. ISA

B. MOU

C. SLA

D. BPA

A

ISA

67
Q

The systems administrator notices that many employees are using passwords that can be easily guessed or are susceptible to brute force attacks. Which of the following would BEST mitigate this risk?

A. Enforce password rules requiring complexity.

B. Shorten the maximum life of account passwords.

C. Increase the minimum password length.

D. Enforce account lockout policies.

A

Enforce password rules requiring complexity.

68
Q

Which of the following protocols is MOST likely to be leveraged by users who need additional information about another user?

A. LDAP

B. RADIUS

C. Kerberos

D. TACACS+

A

LDAP

69
Q

Peter, a user, wants to send an encrypted email to Ann. Which of the following will Ann need to use to verify that the email came from Peter and decrypt it? (Select TWO).

A. The CA’s public key

B. Ann’s public key

C. Peter’s private key

D. Ann’s private key

E. The CA’s private key

F. Peter’s public key

A

Ann’s private key

Peter’s public key

70
Q

A computer is found to be infected with malware and a technician re-installs the operating system. The computer remains infected with malware. This is an example of:

A. a rootkit.

B. a MBR infection.

C. an exploit kit.

D. Spyware.

A

a MBR infection

71
Q

A company is preparing to decommission an offline, non-networked root certificate server. Before sending the server’s drives to be destroyed by a contracted company, the Chief Security Officer (CSO) wants to be certain that the data will not be accessed. Which of the following, if implemented, would BEST reassure the CSO? (Select TWO).

A. Disk hashing procedures

B. Full disk encryption

C. Data retention policies

D. Disk wiping procedures

E. Removable media encryption

A

Full disk encryption

Disk wiping procedures

72
Q

Three of the primary security control types that can be implemented are:

A. Supervisory, subordinate, and peer.

B. Personal, procedural, and legal.

C. Operational, technical, and management.

D. Mandatory, discretionary, and permanent.

A

Operational, technical, and management.

73
Q

A system administrator is configuring shared secrets on servers and clients. Which of the following authentication services is being deployed by the administrator? (Select two.)

A. Kerberos

B. RADIUS

C. TACACS+

D. LDAP

E. Secure LDAP

A

RADIUS

LDAP

74
Q

Which of the following is a difference between TFTP and FTP?

A. TFTP is slower than FTP.

B. TFTP is more secure than FTP.

C. TFTP utilizes TCP and FTP uses UDP.

D. TFTP utilizes UDP and FTP uses TCP.

A

TFTP utilizes UDP and FTP uses TCP.

75
Q

The company’s sales team plans to work late to provide the Chief Executive Officer (CEO) with a special report of sales before the quarter ends. After working for several hours, the team finds they cannot save or print the reports.
Which of the following controls is preventing them from completing their work?

A. Discretionary access control

B. Role-based access control

C. Time of Day access control

D. Mandatory access control

A

Time of Day access control

76
Q

Which of the following identifies certificates that have been compromised or suspected of being compromised?

A. Certificate revocation list

B. Access control list

C. Key escrow registry

D. Certificate authority

A

Certificate revocation list

77
Q

A hospital IT department wanted to secure its doctor’s tablets. The IT department wants operating system level security and the ability to secure the data from alteration. Which of the following methods would MOST likely work?

A. Cloud storage

B. Removable Media

C. TPM

D. Wiping

A

TPM

78
Q

A security administrator at a company which implements key escrow and symmetric encryption only, needs to decrypt an employee’s file. The employee refuses to provide the decryption key to the file. Which of the following can the administrator do to decrypt the file?

A. Use the employee’s private key

B. Use the CA private key

C. Retrieve the encryption key

D. Use the recovery agent

A

Retrieve the encryption key

79
Q

Peter, an employee, attempts to visit a popular social networking site but is blocked. Instead, a page is displayed notifying him that this site cannot be visited. Which of the following is MOST likely blocking Peter’s access to this site?

A. Internet content filter

B. Firewall

C. Proxy server

D. Protocol analyzer

A

Internet content filter

80
Q

A security administrator is reviewing the below output from a password auditing tool:
P@ss.
@pW1.
S3cU4
Which of the following additional policies should be implemented based on the tool’s output?

A. Password age

B. Password history

C. Password length

D. Password complexity

A

Password length

81
Q

Which of the following is a hardware-based security technology included in a computer?

A. Symmetric key

B. Asymmetric key

C. Whole disk encryption

D. Trusted platform module

A

Trusted platform module

82
Q

Which of the following BEST describes the type of attack that is occurring?

A. Smurf Attack

B. Man in the middle

C. Backdoor

D. Replay

E. Spear Phishing

F. Xmas Attack

G. Blue Jacking

H. Ping of Death

A

Smurf Attack

83
Q

Which of the following types of cloud computing would be MOST appropriate if an organization required complete control of the environment?

A. Hybrid Cloud

B. Private cloud

C. Community cloud

D. Community cloud

E. Public cloud

A

Private cloud

84
Q

A server administrator notes that a fully patched application often stops running due to a memory error. When reviewing the debugging logs, they notice code being run calling an internal process to exploit the machine. Which of the following attacks does this describe?

A. Malicious add-on

B. SQL injection

C. Cross site scripting

D. Zero-day

A

Zero-day

85
Q

Matt, a security administrator, wants to ensure that the message he is sending does not get intercepted or modified in transit. This concern relates to which of the following concepts?

A. Availability

B. Integrity

C. Accounting

D. Confidentiality

A

Integrity

86
Q

Which of the following attacks allows access to contact lists on cellular phones?

A. War chalking

B. Blue jacking

C. Packet sniffing

D. Bluesnarfing

A

Bluesnarfing

87
Q

Ann was reviewing her company’s event logs and observed several instances of GUEST accessing the company print server, file server, and archive database. As she continued to investigate, Ann noticed that it seemed to happen at random intervals throughout the day, but mostly after the weekly automated patching and often logging in at the same time. Which of the following would BEST mitigate this issue?

A. Enabling time of day restrictions

B. Disabling unnecessary services

C. Disabling unnecessary accounts

D. Rogue machine detection

A

Disabling unnecessary accounts

88
Q

An administrator connects VoIP phones to the same switch as the network PCs and printers. Which of the following would provide the BEST logical separation of these three device types while still allowing traffic between them via ACL?

A. Create three VLANs on the switch connected to a router

B. Define three subnets, configure each device to use their own dedicated IP address range, and then connect the network to a router

C. Install a firewall and connect it to the switch

D. Install a firewall and connect it to a dedicated switch for each device type

A

Create three VLANs on the switch connected to a router

89
Q

Peter, an administrator, installs a web server on the Internet that performs credit card transactions for customer payments. Peter also sets up a second web server that looks like the first web server.
However, the second server contains fabricated files and folders made to look like payments were processed on this server but really were not. Which of the following is the second server?

A. DMZ

B. Honeynet

C. VLAN

D. Honeypot

A

Honeypot

90
Q

RC4 is a strong encryption protocol that is generally used with which of the following?

A. WPA2 CCMP

B. PEAP

C. WEP

D. EAP-TLS

A

WEP

91
Q

for the shell?

A. The NX bit is enabled

B. The system uses ASLR

C. The shell is obfuscated

D. The code uses dynamic libraries

A

The system is obfuscated