Exam B Flashcards

2
Q

QUESTION 1
Which of the following malware types typically disguises itself within another piece of software, requires user interaction, and does not execute on a specific date?
A. Logic Bomb
B. Trojan
C. Worm
D. Botnet

A

B. Trojan

3
Q

QUESTION 2
Which of the following is MOST commonly identified as an ARP spoofing attack where no email is sent, and flags within the TCP packet are irrelevant?
A. Xmas attack
B. Spam attack
C. Man-in-the-middle attack
D. DDoS attack

A

C. Man-in-the-middle attack

4
Q

QUESTION 3
Which of the following is characterized by an attacker attempting to map out an organization’s staff hierarchy in order to send targeted emails?
A. Whaling
B. Impersonation
C. Privilege escalation
D. Spear phishing

A

A. Whaling

5
Q

QUESTION 4
Which of the following is an attack where Pete spreads USB thumb drives throughout a bank’s parking lot in order to have malware installed on the banking systems?
A. Tailgating
B. Replay attack
C. Virus
D. Social engineering

A

D. Social engineering

6
Q

QUESTION 5
Which of the following attacks significantly relies on staff members wanting to be helpful and supportive of each other?
A. Spoofing
B. Tailgating
C. Dumpster diving
D. Xmas attack

A

B. Tailgating

7
Q

QUESTION 6
Which of the following is an attacker attempting to discover open wireless access points?
A. War driving
B. Packet sniffing
C. War chalking
D. Initialization vector

A

A. War driving

8
Q

QUESTION 7
Which of the following protocols provides Pete, an administrator, with the HIGHEST level of security for device traps?
A. ICMP
B. SNMPv3
C. SSH
D. IPSec

A

B. SNMPv3 - Simple Network Management Protocol - v3 (161 udp)

9
Q

QUESTION 8
Which of the following is designed to serve as a risk mitigation strategy?
A. Personally owned devices
B. Disaster recovery plan
C. Calculate proper ROI
D. Zero day exploits

A

B. Disaster recovery plan

10
Q

QUESTION 9
Who should be contacted FIRST in the event of a security breach?
A. Forensics analysis team
B. Internal auditors
C. Incident response team
D. Software vendors

A

C. Incident response team

11
Q

QUESTION 10
Which process will determine maximum tolerable downtime?
A. Business Continuity Planning
B. Contingency Planning
C. Business Impact Analysis
D. Disaster Recovery Plan

A

C. Business Impact Analysis

12
Q

QUESTION 11
Which of the following provides the MOST protection against zero day attacks via email attachments?
A. Anti-spam
B. Anti-virus
C. Host-based firewalls
D. Patch management

A

A. Anti-spam

13
Q

QUESTION 12
Which of the following access controls enforces permissions based on data labeling at specific levels?
A. Mandatory access control
B. Separation of duties access control
C. Discretionary access control
D. Role based access control

A

A. Mandatory access control

14
Q

QUESTION 13
A username provides which of the following?
A. Biometrics
B. Identification
C. Authorization
D. Authentication

A

B. Identification

15
Q

QUESTION 14
Use of group accounts should be minimized to ensure which of the following?
A. Password security
B. Regular auditing
C. Baseline management
D. Individual accountability

A

D. Individual accountability

16
Q

QUESTION 15
Privilege creep among long-term employees can be mitigated by which of the following procedures?
A. User permission reviews
B. Mandatory vacations
C. Separation of duties
D. Job function rotation

A

A. User permission reviews

17
Q

QUESTION 16
In which of the following scenarios is PKI LEAST hardened?
A. The CRL is posted to a publicly accessible location.
B. The recorded time offsets are developed with symmetric keys.
C. A malicious CA certificate is loaded on all the clients.
D. All public keys are accessed by an unauthorized user.

A

C. A malicious CA certificate is loaded on all the clients.

18
Q

QUESTION 17
A database server has been compromised via an unpatched vulnerability. An investigation reveals that an application crashed at the time of the compromise. Unauthorized code appeared to be running, although there were no traces of the code found on the file system. Which of the following attack types has MOST likely occurred?
A. Zero day exploit
B. SQL injection
C. LDAP injection
D. Buffer overflow

A

D. Buffer overflow

19
Q

QUESTION 18
Which of the following would Sara, a security administrator, utilize to actively test security controls within an organization?
A. Penetration test
B. Baselining
C. Code review
D. Vulnerability scan

A

A. Penetration test

20
Q

QUESTION 19
Which of the following assessments would Pete, the security administrator, use to actively test that an application’s security controls are in place?
A. Code review
B. Penetration test
C. Protocol analyzer
D. Vulnerability scan

A

B. Penetration test

21
Q

QUESTION 20
Which of the following would Jane, a security administrator, take advantage of to bypass security controls and gain unauthorized remote access into an organization?
A. Vulnerability scan
B. Dumpster diving
C. Virtualization
D. Penetration test

A

D. Penetration test

22
Q

QUESTION 21
Which of the following would be used to identify the security posture of a network without actually exploiting any weaknesses?
A. Penetration test
B. Code review
C. Vulnerability scan
D. Brute Force scan

A

C. Vulnerability scan

23
Q

QUESTION 22
The finance department is growing and needs additional computers to support growth. The department also needs to ensure that their traffic is separated from the rest of the network. Matt, the security administrator, needs to add a new switch to accommodate this growth. Which of the following MUST Matt configure on the switch to ensure proper network separation?
A. Implicit deny
B. VLAN management
C. Access control lists
D. Flood guards

A

B. VLAN management

24
Q

QUESTION 23
Pete, the security administrator, wants to ensure that only secure protocols are being used to transfer and copy files. Which of the following protocols should he implement?
A. SMTP
B. SCP
C. FTP
D. HTTPS

A

B. SCP - Secure Copy Protocol

25
Q

QUESTION 24
Sara, a security administrator, has recently implemented a policy to ban certain attachments from being sent through the corporate email server. This is an example of trying to mitigate which of the following?
A. SQL injection
B. LDAP injection
C. Cross-site scripting
D. Malicious add-ons

A

D. Malicious add-ons

26
Q

QUESTION 25
Jane, the security administrator, sets up a new AP but realizes too many outsiders are able to connect to that AP and gain unauthorized access. Which of the following would be the BEST way to mitigate this issue and still provide coverage where needed? (Select TWO).
A. Disable the wired ports
B. Use channels 1, 4 and 7 only
C. Enable MAC filtering
D. Disable SSID broadcast
E. Switch from 802.11a to 802.11b

A

C. Enable MAC filtering
D. Disable SSID broadcast

27
Q

QUESTION 26
In the initial stages of an incident response, Matt, the security administrator, was provided the hard drives in question from the incident manager. Which of the following incident response procedures would he need to perform in order to begin the analysis? (Select TWO).
A. Take hashes
B. Begin the chain of custody paperwork
C. Take screen shots
D. Capture the system image
E. Decompile suspicious files

A

A. Take hashes
D. Capture the system image

28
Q

QUESTION 27
Which of the following is used to certify intermediate authorities in a large PKI deployment?
A. Root CA
B. Recovery agent
C. Root user
D. Key escrow

A

A. Root CA

29
Q

QUESTION 28
Which of the following components MUST be trusted by all parties in PKI?
A. Key escrow
B. CA
C. Private key
D. Recovery key

A

B. CA - Certification Authority

30
Q

QUESTION 29
Remote employees login to the network using a device displaying a digital number which changes every five minutes. This is an example of which of the following?
A. Block cipher
B. One-time pad
C. Stream cipher
D. Digital signature

A

B. One-time pad

31
Q

QUESTION 30
When checking his webmail, Matt, a user, changes the URL’s string of characters and is able to get into another user’s inbox. This is an example of which of the following?
A. Header manipulation
B. SQL injection
C. XML injection
D. Session hijacking

A

D. Session hijacking

32
Q

QUESTION 31
An SQL injection vulnerability can be caused by which of the following?
A. Password complexity
B. Improper input validation
C. Discretionary access controls
D. Cross-site request forgery

A

B. Improper input validation

33
Q

QUESTION 32
Which of the following is BEST used to break a group of IP addresses into smaller network segments or blocks?
A. NAT
B. Virtualization
C. NAC
D. Subnetting

A

D. Subnetting

34
Q

QUESTION 33
Which of the following would Sara, a security administrator, utilize to identify a weakness within various applications without exploiting that weakness?
A. Protocol analyzer
B. Port scanner
C. Vulnerability scan
D. Penetration test

A

C. Vulnerability scan

35
Q

QUESTION 34
Matt, a security administrator, wants to allow content owners to determine who has access to files. Which of the following access control types does this describe?
A. Rule based access control
B. Discretionary access control
C. Role based access control
D. Mandatory access control

A

B. Discretionary access control

36
Q

QUESTION 35
Which of the following commands can Matt, an administrator, use to create a forensically sound hard drive image?
A. grep
B. dump
C. dcfldd
D. hex

A

C. dcfldd

37
Q

QUESTION 36
Which of the following technologies would allow the removal of a single point of failure?
A. Dual-homing a server
B. Clustering a SQL server
C. Adding a second VLAN to a switch
D. Assigning a second IP address to a NIC

A

B. Clustering a SQL server

38
Q

QUESTION 37
Jane, the administrator, is tasked with deploying a strong encryption cipher. Which of the following ciphers would she be the LEAST likely to choose?
A. DES
B. Twofish
C. 3DES
D. AES

A

A. DES - Data Encryption Standard

39
Q

QUESTION 38
Jane, a security administrator, has completed the imaging process for 20 computers that were deployed. The image contains the operating system and all required software. Which of the following is this an example of?
A. Implementing configuration hardening
B. Implementing configuration baseline
C. Implementing due diligence
D. Deploying and using a trusted OS

A

D. Deploying and using a trusted OS

40
Q

QUESTION 39
Which of the following open standards should Pete, a security administrator, select for remote authentication of users?
A. TACACS
B. RADIUS
C. WPA2
D. RIPEMD

A

B. RADIUS - Remote Authentication Dial-In User Service

41
Q

QUESTION 40
Which of the following can use RC4 for encryption? (Select TWO).
A. CHAP
B. SSL
C. WEP
D. AES
E. 3DES

A

B. SSL - Secure Sockets Layer
C. WEP - Wired Equivalent Privacy

42
Q

QUESTION 41
Which of the following defines a business goal for system restoration and acceptable data loss?
A. MTTR
B. MTBF
C. RPO
D. Warm site

A

C. RPO - Recovery Point Objective

43
Q

QUESTION 42
Which of the following defines an organization goal for acceptable downtime during a disaster or other contingency?
A. MTBF
B. MTTR
C. RTO
D. RPO

A

C. RTO - Recovery Time Objective

44
Q

QUESTION 43
Which of the following is an attack vector that can cause extensive physical damage to a datacenter without physical access?
A. CCTV system access
B. Dial-up access
C. Changing environmental controls
D. Ping of death

A

C. Changing environmental controls

45
Q

QUESTION 44
An ACL placed on which of the following ports would block IMAP traffic?
A. 110
B. 143
C. 389
D. 465

A

B. 143 - Internet Message Access Protocol

46
Q

QUESTION 45
Which of the following provides the HIGHEST level of confidentiality on a wireless network?
A. Disabling SSID broadcast
B. MAC filtering
C. WPA2
D. Packet switching

A

C. WPA2 - Wireless Protected Access 2

47
Q

QUESTION 46
A new AP has been installed and there are problems with packets being dropped. Which of the following BEST explains the packet loss?
A. EMI
B. XML injection
C. DDoS
D. Botnet

A

A. EMI

48
Q

QUESTION 47
Which of the following intrusion detection methods may generate an alert when Matt, an employee, accesses a server during non-business hours?
A. Signature
B. Time of Day restrictions
C. Heuristic
D. Behavioral

A

D. Behavioral

49
Q

QUESTION 48
Which of the following controls should be used to verify a person in charge of payment processing is not colluding with anyone to pay fraudulent invoices?
A. Least privilege
B. Security policy
C. Mandatory vacations
D. Separation of duties

A

C. Mandatory vacations

50
Q

QUESTION 49
Which of the following techniques describes the use of application isolation during execution to prevent system compromise if the application is compromised?
A. Least privilege
B. Sandboxing
C. Black box
D. Application hardening

A

B. Sandboxing

51
Q

QUESTION 50
Which of the following allows a company to maintain access to encrypted resources when employee turnover is high?
A. Recovery agent
B. Certificate authority
C. Trust model
D. Key escrow

A

A. Recovery agent

52
Q

QUESTION 51
Which of the following security methods should be used to ensure mobile devices are not removed by unauthorized users when the owner is away from their desk?
A. Screen lock
B. Biometrics
C. Strong passwords
D. Cable lock

A

D. Cable lock

53
Q

QUESTION 52
Which of the following should be implemented to stop an attacker from mapping out addresses and/or devices on a network?
A. Single sign on
B. IPv6
C. Secure zone transfers
D. VoIP

A

C. Secure zone transfers

54
Q

QUESTION 53
Jane, a network technician, notices that users’ Internet homepages have been changed to sites that include malware. Which of the following will change the default homepage for the Internet browser to be the same for all users?
A. Flush the DNS cache
B. Remove workstations from the domain
C. Upgrade the Internet browser
D. Implement group policies

A

D. Implement group policies

55
Q

QUESTION 54
A security administrator wants to scan an infected workstation to understand how the infection occurred. Which of the following should the security administrator do FIRST before scanning the workstation?
A. Make a complete hard drive image
B. Remove the memory
C. Defragment the hard drive
D. Delete all temporary Internet files

A

A. Make a complete hard drive image

56
Q

QUESTION 55
Matt, an IT administrator, wants to protect a newly built server from zero day attacks. Which of the following would provide the BEST level of protection?
A. HIPS
B. Antivirus
C. NIDS
D. ACL

A

A. HIPS - Host-Based Intrusion Prevention System

57
Q

QUESTION 56
The lead security engineer has been brought in on a new software development project. The software development team will be deploying a base software version and will make multiple software revisions during the project life cycle. The security engineer on the project is concerned with the ability to roll back software changes that cause bugs and/or security concerns. Which of the following should the security engineer suggest to BEST address this issue?
A. Develop a change management policy incorporating network change control.
B. Develop a change management policy incorporating hardware change control.
C. Develop a change management policy incorporating software change control.
D. Develop a change management policy incorporating oversight of the project lifecycle.

A

C. Develop a change management policy incorporating software change control.

58
Q

QUESTION 57
A new wireless network was installed in an office building where there are other wireless networks. Which of the following can the administrator disable to help limit the discovery of the new network?
A. DHCP
B. Default user account
C. MAC filtering
D. SSID broadcast

A

D. SSID broadcast

59
Q

QUESTION 58
Which of the following anti-malware solutions can be implemented to mitigate the risk of phishing?
A. Host based firewalls
B. Anti-spyware
C. Anti-spam
D. Anti-virus

A

C. Anti-spam

60
Q

QUESTION 59
Which of the following can be used to mitigate risk if a mobile device is lost?
A. Cable lock
B. Transport encryption
C. Voice encryption
D. Strong passwords

A

D. Strong passwords

61
Q

QUESTION 60
Implementation of server clustering is an example of which of the following security concepts?
A. Traceability
B. Availability
C. Integrity
D. Confidentiality

A

B. Availability