Deck L Flashcards by Jerry Brinson

Peter, the compliance manager, wants to meet regulations. Peter would like certain ports blocked only on all computers that do credit card transactions. Which of the following should Peter implement to BEST achieve this goal?

A. A host-based intrusion prevention system

B. A host-based firewall

C. Antivirus update system

D. A network-based intrusion detection system

A host-based firewall

How well did you know this?

Not at all

Perfectly

Which of the following risks could IT management be mitigating by removing an all-in-one device?

A. Continuity of operations

B. Input validation

C. Single point of failure

D. Single sign on

Single point of failure

How well did you know this?

Not at all

Perfectly

A merchant acquirer has the need to store credit card numbers in a transactional database in a high performance environment. Which of the following BEST protects the credit card data?

A. Database field encryption

B. File-level encryption

C. Data loss prevention system

D. Full disk encryption

Database field encryption

How well did you know this?

Not at all

Perfectly

An administrator is investigating a system that may potentially be compromised, and sees the following log entries on the router.
*Jul 15 14:47:29.779:%Router1: list 101 permitted tcp 192.10.3.204(57222) (FastEthernet 0/3) ->
10.10.1.5 (6667), 3 packets.
*Jul 15 14:47:38.779:%Router1: list 101 permitted tcp 192.10.3.204(57222) (FastEthernet 0/3) ->
10.10.1.5 (6667), 6 packets.
*Jul 15 14:47:45.779:%Router1: list 101 permitted tcp 192.10.3.204(57222) (FastEthernet 0/3) ->
10.10.1.5 (6667), 8 packets.
Which of the following BEST describes the compromised system?

A. It is running a rogue web server

B. It is being used in a man-in-the-middle attack

C. It is participating in a botnet

D. It is an ARP poisoning attack

It is participating in a botnet

How well did you know this?

Not at all

Perfectly

A company wants to ensure that all aspects if data are protected when sending to other sites within the enterprise. Which of the following would ensure some type of encryption is performed while data is in transit?

A. SSH

B. SHA1

C. TPM

D. MD5

TPM

How well did you know this?

Not at all

Perfectly

Peter, an employee is taking a taxi through a busy city and starts to receive unsolicited files sent to his Smartphone. Which of the following is this an example of?

A. Vishing

B. Bluejacking

C. War Driving

D. SPIM

E. Bluesnarfing

Bluejacking

How well did you know this?

Not at all

Perfectly

Which of the following is a notification that an unusual condition exists and should be investigated?

A. Alert

B. Trend

C. Alarm

D. Trap

Alert

How well did you know this?

Not at all

Perfectly

A server with the IP address of 10.10.2.4 has been having intermittent connection issues. The logs show repeated connection attempts from the following IPs:
10.10.3.16
10.10.3.23
212.178.24.26
217.24.94.83
These attempts are overloading the server to the point that it cannot respond to traffic. Which of the following attacks is occurring?

A. XSS

B. DDoS

C. DoS

D. Xmas

DDoS

How well did you know this?

Not at all

Perfectly

Which of the following documents outlines the responsibility of both participants in an agreement between two organizations?

A. RFC

B. MOU

C. RFQ

D. SLA

MOU

How well did you know this?

Not at all

Perfectly

A small company can only afford to buy an all-in-one wireless router/switch. The company has 3 wireless BYOD users and 2 web servers without wireless access. Which of the following should the company configure to protect the servers from the user devices? (Select TWO).

A. Deny incoming connections to the outside router interface.

B. Change the default HTTP port

C. Implement EAP-TLS to establish mutual authentication

D. Disable the physical switch ports

E. Create a server VLAN

F. Create an ACL to access the server

Create a server VLAN

Create an ACL to access the server

How well did you know this?

Not at all

Perfectly

Ann, a security administrator at a call center, has been experiencing problems with users intentionally installing unapproved and occasionally malicious software on their computers. Due to the nature of their jobs, Ann cannot change their permissions. Which of the following would BEST alleviate her concerns?

A. Deploy a HIDS suite on the users’ computers to prevent application installation.

B. Maintain the baseline posture at the highest OS patch level.

C. Enable the pop-up blockers on the users’ browsers to prevent malware.

D. Create an approved application list and block anything not on it.

Create an approved application list and block anything not on it.

How well did you know this?

Not at all

Perfectly

The Chief Security Officer (CSO) for a datacenter in a hostile environment is concerned about protecting the facility from car bomb attacks. Which of the following BEST would protect the building from this threat? (Select two.)

A. Dogs

B. Fencing

C. CCTV

D. Guards

E. Bollards

F. Lighting

Fencing

Bollards

How well did you know this?

Not at all

Perfectly

Which of the following is the BEST way to prevent Cross-Site Request Forgery (XSRF) attacks?

A. Check the referrer field in the HTTP header

B. Disable Flash content

C. Use only cookies for authentication

D. Use only HTTPS URLs

Check the referrer field in the HTTP header

How well did you know this?

Not at all

Perfectly

A company is about to release a very large patch to its customers. An administrator is required to test patch installations several times prior to distributing them to customer PCs.
Which of the following should the administrator use to test the patching process quickly and often?

A. Create an incremental backup of an unpatched PC

B. Create an image of a patched PC and replicate it to servers

C. Create a full disk image to restore after each installation

D. Create a virtualized sandbox and utilize snapshots

Create a virtualized sandbox and utilize snapshots

How well did you know this?

Not at all

Perfectly

Which of the following is the GREATEST security risk of two or more companies working together under a Memorandum of Understanding?

A. Budgetary considerations may not have been written into the MOU, leaving an entity to absorb more cost than intended at signing.

B. MOUs have strict policies in place for services performed between the entities and the penalties for compromising a partner are high.

C. MOUs are generally loose agreements and therefore may not have strict guidelines in place to protect sensitive data between the two entities.

D. MOUs between two companies working together cannot be held to the same legal standards as SLAs.

MOUs are generally loose agreements and therefore may not have strict guidelines in place to protect sensitive data between the two entities.

How well did you know this?

Not at all

Perfectly

A company’s employees were victims of a spear phishing campaign impersonating the CEO. The company would now like to implement a solution to improve the overall security posture by assuring their employees that email originated from the CEO. Which of the following controls could they implement to BEST meet this goal?

A. Spam filter

B. Digital signatures

C. Antivirus software

D. Digital certificates

Digital signatures

How well did you know this?

Not at all

Perfectly

A user has received an email from an external source which asks for details on the company’s new product line set for release in one month. The user has a detailed spec sheet but it is marked “Internal Proprietary Information”. Which of the following should the user do NEXT?

A. Contact their manager and request guidance on how to best move forward

B. Contact the help desk and/or incident response team to determine next steps

C. Provide the requestor with the email information since it will be released soon anyway

D. Reply back to the requestor to gain their contact information and call them

Contact the help desk and/or incident response team to determine next steps

How well did you know this?

Not at all

Perfectly

Which of the following describes the process of removing unnecessary accounts and services from an application to reduce risk exposure?

A. Error and exception handling

B. Application hardening

C. Application patch management

D. Cross-site script prevention

Application hardening

How well did you know this?

Not at all

Perfectly

Privilege creep among long-term employees can be mitigated by which of the following procedures?

A. User permission reviews

B. Mandatory vacations

C. Separation of duties

D. Job function rotation

User permission reviews

How well did you know this?

Not at all

Perfectly

Peter, a security administrator, has observed repeated attempts to break into the network. Which of the following is designed to stop an intrusion on the network?

A. NIPS

B. HIDS

C. HIPS

D. NIDS

NIPS

How well did you know this?

Not at all

Perfectly

Due to issues with building keys being duplicated and distributed, a security administrator wishes to change to a different security control regarding a restricted area. The goal is to provide access based upon facial recognition. Which of the following will address this requirement?

A. Set up mantraps to avoid tailgating of approved users.

B. Place a guard at the entrance to approve access.

C. Install a fingerprint scanner at the entrance.

D. Implement proximity readers to scan users’ badges.

Place a guard at the entrance to approve access.

How well did you know this?

Not at all

Perfectly

Users are unable to connect to the web server at IP 192.168.0.20. Which of the following can be inferred of a firewall that is configured ONLY with the following ACL?
PERMIT TCP ANY HOST 192.168.0.10 EQ 80
PERMIT TCP ANY HOST 192.168.0.10 EQ 443

A. It implements stateful packet filtering.

B. It implements bottom-up processing.

C. It failed closed.

D. It implements an implicit deny.

It implements an implicit deny.

How well did you know this?

Not at all

Perfectly

Everyone in the accounting department has the ability to print and sign checks. Internal audit has asked that only one group of employees may print checks while only two other employees may sign the checks. Which of the following concepts would enforce this process?

A. Separation of Duties

B. Mandatory Vacations

C. Discretionary Access Control

D. Job Rotation

Separation of Duties

How well did you know this?

Not at all

Perfectly

A new intern was assigned to the system engineering department, which consists of the system architect and system software developer’s teams. These two teams have separate privileges. The intern requires privileges to view the system architectural drawings and comment on some software development projects. Which of the following methods should the system administrator implement?

A. Group based privileges

B. Generic account prohibition

C. User access review

D. Credential management

Group based privileges

How well did you know this?

Not at all

Perfectly

A software developer wants to prevent stored passwords from being easily decrypted. When the password is stored by the application, additional text is added to each password before the password is hashed. This technique is known as: A. Symmetric cryptography. B. Private key cryptography. C. Salting. D. Rainbow tables.

Salting

Peter, a user, reports to the system administrator that he is receiving an error stating his certificate has been revoked. Which of the following is the name of the database repository for these certificates? A. CSR B. OCSP C. CA D. CRL

CRL

Jane, a security administrator, needs to implement a secure wireless authentication method that uses a remote RADIUS server for authentication. Which of the following is an authentication method Jane should use? A. WPA2-PSK B. WEP-PSK C. CCMP D. LEAP

LEAP

A new mobile banking application is being developed and uses SSL / TLS certificates but penetration tests show that it is still vulnerable to man-in-the-middle attacks, such as DNS hijacking. Which of the following would mitigate this attack? A. Certificate revocation B. Key escrow C. Public key infrastructure D. Certificate pinning

Certificate pinning

Users report that after downloading several applications, their systems’ performance has noticeably decreased. Which of the following would be used to validate programs prior to installing them? A. Whole disk encryption B. SSH C. Telnet D. MD5

MD5

A large bank has moved back office operations offshore to another country with lower wage costs in an attempt to improve profit and productivity. Which of the following would be a customer concern if the offshore staff had direct access to their data? A. Service level agreements B. Interoperability agreements C. Privacy considerations D. Data ownership

Privacy considerations

An organization is implementing a password management application which requires that all local administrator passwords be stored and automatically managed. Auditors will be responsible for monitoring activities in the application by reviewing the logs. Which of the following security controls is the BEST option to prevent auditors from accessing or modifying passwords in the application? A. Time of day restrictions B. Create user accounts for the auditors and assign read-only access C. Mandatory access control D. Role-based access with read-only

Role-based access with read-only

A security administrator discovers an image file that has several plain text documents hidden in the file. Which of the following security goals is met by camouflaging data inside of other files? A. Integrity B. Confidentiality C. Steganography D. Availability

Steganography

The database server used by the payroll system crashed at 3 PM and payroll is due at 5 PM. Which of the following metrics is MOST important is this instance? A. ARO B. SLE C. MTTR D. MTBF

MTTR

Which of the following is the MOST intrusive type of testing against a production system? A. White box testing B. War dialing C. Vulnerability testing D. Penetration testing

Penetration testing

The Chief Information Officer (CIO) receives an anonymous threatening message that says “beware of the 1st of the year”. The CIO suspects the message may be from a former disgruntled employee planning an attack. Which of the following should the CIO be concerned with? A. Smurf Attack B. Trojan C. Logic bomb D. Virus

Logic bomb

Which of the following types of attacks involves interception of authentication traffic in an attempt to gain unauthorized access to a wireless network? A. Near field communication B. IV attack C. Evil twin D. Replay attack

IV attack

After a recent internal audit, the security administrator was tasked to ensure that all credentials must be changed within 90 days, cannot be repeated, and cannot contain any dictionary words or patterns. All credentials will remain enabled regardless of the number of attempts made. Which of the following types of user account options were enforced? (Select TWO). A. Recovery B. User assigned privileges C. Lockout D. Disablement E. Group based privileges F. Password expiration G. Password complexity

Password expiration Password complexity

Encryption used by RADIUS is BEST described as: A. Quantum B. Elliptical curve C. Asymmetric D. Symmetric

Symmetric

Which of the following types of authentication solutions use tickets to provide access to various resources from a central location? A. Biometrics B. PKI C. ACLs D. Kerberos

Kerberos

The ore-sales engineering team needs to quickly provide accurate and up-to-date information to potential clients. This information includes design specifications and engineering data that is developed and stored using numerous applications across the enterprise. Which of the following authentication technique is MOST appropriate? A. Common access cards B. TOTP C. Single sign-on D. HOTP

TOTP

A router has a single Ethernet connection to a switch. In the router configuration, the Ethernet interface has three sub-interfaces, each configured with ACLs applied to them and 802.1q trunks. Which of the following is MOST likely the reason for the sub-interfaces? A. The network uses the subnet of 255.255.255.128. B. The switch has several VLANs configured on it. C. The sub-interfaces are configured for VoIP traffic. D. The sub-interfaces each implement quality of service.

The switch has several VLANs configured on it.

An Information Systems Security Officer (ISSO) has been placed in charge of a classified peer-topeer network that cannot connect to the Internet. The ISSO can update the antivirus definitions manually, but which of the following steps is MOST important? A. A full scan must be run on the network after the DAT file is installed. B. The signatures must have a hash value equal to what is displayed on the vendor site. C. The definition file must be updated within seven days. D. All users must be logged off of the network prior to the installation of the definition file.

The signatures must have a hash value equal to what is displayed on the vendor site.

A security administrator has been tasked to ensure access to all network equipment is controlled by a central server such as TACACS+. This type of implementation supports which of the following risk mitigation strategies? A. User rights and permissions review B. Change management C. Data loss prevention D. Implement procedures to prevent data theft

User rights and permissions review

A security administrator plans on replacing a critical business application in five years. Recently, there was a security flaw discovered in the application that will cause the IT department to manually re-enable user accounts each month at a cost of $2,000. Patching the application today would cost $140,000 and take two months to implement. Which of the following should the security administrator do in regards to the application? A. Avoid the risk to the user base allowing them to re-enable their own accounts B. Mitigate the risk by patching the application to increase security and saving money C. Transfer the risk replacing the application now instead of in five years D. Accept the risk and continue to enable the accounts each month saving money

Accept the risk and continue to enable the accounts each month saving money

An organization’s security policy states that users must authenticate using something you do. Which of the following would meet the objectives of the security policy? A. Fingerprint analysis B. Signature analysis C. Swipe a badge D. Password

Signature analysis

``` Given the following list of corporate access points, which of the following attacks is MOST likely underway if the company wireless network uses the same wireless hardware throughout? MACSID 00:01:AB:FA:CD:34Corporate AP 00:01:AB:FA:CD:35Corporate AP 00:01:AB:FA:CD:36Corporate AP 00:01:AB:FA:CD:37Corporate AP 00:01:AB:FA:CD:34Corporate AP ``` A. Packet sniffing B. Evil Twin C. WPS attack D. Rogue access point

Evil Twin

Which of the following may significantly reduce data loss if multiple drives fail at the same time? A. Virtualization B. RAID C. Load balancing D. Server clustering

RAID

Due to hardware limitation, a technician must implement a wireless encryption algorithm that uses the RC4 protocol. Which of the following is a wireless encryption solution that the technician should implement while ensuring the STRONGEST level of security? A. WPA2-AES B. 802.11ac C. WPA-TKIP D. WEP

WPA-TKIP

Which of the following authentication services uses a ticket granting system to provide access? A. RADIUS B. LDAP C. TACACS+ D. Kerberos

Kerberos

A network administrator is configuring access control for the sales department which has high employee turnover. Which of the following is BEST suited when assigning user rights to individuals in the sales department? A. Time of day restrictions B. Group based privileges C. User assigned privileges D. Domain admin restrictions

Group based privileges

A certificate authority takes which of the following actions in PKI? A. Signs and verifies all infrastructure messages B. Issues and signs all private keys C. Publishes key escrow lists to CRLs D. Issues and signs all root certificates

Issues and signs all root certificates

Purchasing receives a phone call from a vendor asking for a payment over the phone. The phone number displayed on the caller ID matches the vendor’s number. When the purchasing agent asks to call the vendor back, they are given a different phone number with a different area code. Which of the following attack types is this? A. Hoax B. Impersonation C. Spear phishing D. Whaling

Impersonation

Peter, the security administrator, has determined that one of his web servers is under attack. Which of the following can help determine where the attack originated from? A. Capture system image B. Record time offset C. Screenshots D. Network sniffing

Network sniffing

Ann, the software security engineer, works for a major software vendor. Which of the following practices should be implemented to help prevent race conditions, buffer overflows, and other similar vulnerabilities prior to each production release? A. Product baseline report B. Input validation C. Patch regression testing D. Code review

Code review

In order for Emily, a client, to logon to her desktop computer, she must provide her username, password, and a four digit PIN. Which of the following authentication methods is Emily using? A. Three factor B. Single factor C. Two factor D. Four factor

Single factor

Emily, a security analyst, is trying to prove to management what costs they could incur if their customer database was breached. This database contains 250 records with PII. Studies show that the cost per record for a breach is $300. The likelihood that their database would be breached in the next year is only 5%. Which of the following is the ALE that Emily should report to management for a security breach? A. $1,500 B. $3,750 C. $15,000 D. $75,000

$3,750

After a number of highly publicized and embarrassing customer data leaks as a result of social engineering attacks by phone, the Chief Information Officer (CIO) has decided user training will reduce the risk of another data leak. Which of the following would be MOST effective in reducing data leaks in this situation? A. Information Security Awareness B. Social Media and BYOD C. Data Handling and Disposal D. Acceptable Use of IT Systems

Information Security Awareness

Access mechanisms to data on encrypted USB hard drives must be implemented correctly otherwise: A. user accounts may be inadvertently locked out. B. data on the USB drive could be corrupted. C. data on the hard drive will be vulnerable to log analysis. D. the security controls on the USB drive can be bypassed.

the security controls on the USB drive can be bypassed.

Matt, a developer, recently attended a workshop on a new application. The developer installs the new application on a production system to test the functionality. Which of the following is MOST likely affected? A. Application design B. Application security C. Initial baseline configuration D. Management of interfaces

Initial baseline configuration

Which of the following would be used to identify the security posture of a network without actually exploiting any weaknesses? A. Penetration test B. Code review C. Vulnerability scan D. Brute Force scan

Vulnerability scan

Which of the following can result in significant administrative overhead from incorrect reporting? A. Job rotation B. Acceptable usage policies C. False positives D. Mandatory vacations

False positives

Which of the following should a company implement to BEST mitigate from zero-day malicious code executing on employees’ computers? A. Least privilege accounts B. Host-based firewalls C. Intrusion Detection Systems D. Application whitelisting

Application whitelisting

Which of the following would a security administrator implement in order to identify a problem between two systems that are not communicating properly? A. Protocol analyzer B. Baseline report C. Risk assessment D. Vulnerability scan

Protocol analyzer

Which of the following was based on a previous X.500 specification and allows either unencrypted authentication or encrypted authentication through the use of TLS? A. Kerberos B. TACACS+ C. RADIUS D. LDAP

LDAP

Multi-tenancy is a concept found in which of the following? A. Full disk encryption B. Removable media C. Cloud computing D. Data loss prevention

Cloud computing

A company has decided to move large data sets to a cloud provider in order to limit the costs of new infrastructure. Some of the data is sensitive and the Chief Information Officer wants to make sure both parties have a clear understanding of the controls needed to protect the data. Which of the following types of interoperability agreement is this? A. ISA B. MOU C. SLA D. BPA

ISA

The systems administrator notices that many employees are using passwords that can be easily guessed or are susceptible to brute force attacks. Which of the following would BEST mitigate this risk? A. Enforce password rules requiring complexity. B. Shorten the maximum life of account passwords. C. Increase the minimum password length. D. Enforce account lockout policies.

Enforce password rules requiring complexity.

Which of the following protocols is MOST likely to be leveraged by users who need additional information about another user? A. LDAP B. RADIUS C. Kerberos D. TACACS+

LDAP

Peter, a user, wants to send an encrypted email to Ann. Which of the following will Ann need to use to verify that the email came from Peter and decrypt it? (Select TWO). A. The CA’s public key B. Ann’s public key C. Peter’s private key D. Ann’s private key E. The CA’s private key F. Peter’s public key

Ann's private key Peter's public key

A computer is found to be infected with malware and a technician re-installs the operating system. The computer remains infected with malware. This is an example of: A. a rootkit. B. a MBR infection. C. an exploit kit. D. Spyware.

a MBR infection

A company is preparing to decommission an offline, non-networked root certificate server. Before sending the server’s drives to be destroyed by a contracted company, the Chief Security Officer (CSO) wants to be certain that the data will not be accessed. Which of the following, if implemented, would BEST reassure the CSO? (Select TWO). A. Disk hashing procedures B. Full disk encryption C. Data retention policies D. Disk wiping procedures E. Removable media encryption

Full disk encryption Disk wiping procedures

Three of the primary security control types that can be implemented are. A. Supervisory, subordinate, and peer. B. Personal, procedural, and legal. C. Operational, technical, and management. D. Mandatory, discretionary, and permanent.

Operational, technical, and management.

A system administrator is configuring shared secrets on servers and clients. Which of the following authentication services is being deployed by the administrator? (Select two.) A. Kerberos B. RADIUS C. TACACS+ D. LDAP E. Secure LDAP

RADIUS LDAP

Which of the following is a difference between TFTP and FTP? A. TFTP is slower than FTP. B. TFTP is more secure than FTP. C. TFTP utilizes TCP and FTP uses UDP. D. TFTP utilizes UDP and FTP uses TCP.

TFTP utilizes UDP and FTP uses TCP.

The company’s sales team plans to work late to provide the Chief Executive Officer (CEO) with a special report of sales before the quarter ends. After working for several hours, the team finds they cannot save or print the reports. Which of the following controls is preventing them from completing their work? A. Discretionary access control B. Role-based access control C. Time of Day access control D. Mandatory access control

Time of Day access control

Which of the following identifies certificates that have been compromised or suspected of being compromised? A. Certificate revocation list B. Access control list C. Key escrow registry D. Certificate authority

Certificate revocation list

A hospital IT department wanted to secure its doctor’s tablets. The IT department wants operating system level security and the ability to secure the data from alteration. Which of the following methods would MOST likely work? A. Cloud storage B. Removal Media C. TPM D. Wiping

TPM

A security administrator at a company which implements key escrow and symmetric encryption only, needs to decrypt an employee’s file. The employee refuses to provide the decryption key to the file. Which of the following can the administrator do to decrypt the file? A. Use the employee’s private key B. Use the CA private key C. Retrieve the encryption key D. Use the recovery agent

Retrieve the encryption key

Peter, an employee, attempts to visit a popular social networking site but is blocked. Instead, a page is displayed notifying him that this site cannot be visited. Which of the following is MOST likely blocking Peter’s access to this site? A. Internet content filter B. Firewall C. Proxy server D. Protocol analyzer

Internet content filter

A security administrator is reviewing the below output from a password auditing tool: P@ss. @pW1. S3cU4 Which of the following additional policies should be implemented based on the tool’s output? A. Password age B. Password history C. Password length D. Password complexity

Password length

Which of the following is a hardware-based security technology included in a computer? A. Symmetric key B. Asymmetric key C. Whole disk encryption D. Trusted platform module

Trusted platform module

Which of the following BEST describes the type of attack that is occurring? A. Smurf Attack B. Man in the middle C. Backdoor D. Replay E. Spear Phishing F. Xmas Attack G. Blue Jacking H. Ping of Death

Smurf Attack

Which of the following types of cloud computing would be MOST appropriate if an organization required complete control of the environment? A. Hybrid Cloud B. Private cloud C. Community cloud D. Community cloud E. Public cloud

Private cloud

A server administrator notes that a fully patched application often stops running due to a memory error. When reviewing the debugging logs they notice code being run calling an internal process to exploit the machine. Which of the following attacks does this describes? A. Malicious add-on B. SQL injection C. Cross site scripting D. Zero-day

Zero-day

Matt, a security administrator, wants to ensure that the message he is sending does not get intercepted or modified in transit. This concern relates to which of the following concepts? A. Availability B. Integrity C. Accounting D. Confidentiality

Integrity

Which of the following attacks allows access to contact lists on cellular phones? A. War chalking B. Blue jacking C. Packet sniffing D. Bluesnarfing

Bluesnarfing

Ann was reviewing her company’s event logs and observed several instances of GUEST accessing the company print server, file server, and archive database. As she continued to investigate, Ann noticed that it seemed to happen at random intervals throughout the day, but mostly after the weekly automated patching and often logging in at the same time. Which of the following would BEST mitigate this issue? A. Enabling time of day restrictions B. Disabling unnecessary services C. Disabling unnecessary accounts D. Rogue machine detection

Disabling unnecessary accounts

An administrator connects VoIP phones to the same switch as the network PCs and printers. Which of the following would provide the BEST logical separation of these three device types while still allowing traffic between them via ACL? A. Create three VLANs on the switch connected to a router B. Define three subnets, configure each device to use their own dedicated IP address range, and then connect the network to a router C. Install a firewall and connect it to the switch D. Install a firewall and connect it to a dedicated switch for each device type

Create three VLANs on the switch connected to a router

Peter, an administrator, installs a web server on the Internet that performs credit card transactions for customer payments. Peter also sets up a second web server that looks like the first web server. However, the second server contains fabricated files and folders made to look like payments were processed on this server but really were not. Which of the following is the second server? A. DMZ B. Honeynet C. VLAN D. Honeypot

Honeypot

RC4 is a strong encryption protocol that is generally used with which of the following? A. WPA2 CCMP B. PEAP C. WEP D. EAP-TLS

WEP

for the shell? A. The NX bit is enabled B. The system uses ASLR C. The shell is obfuscated D. The code uses dynamic libraries

The system is obfuscated