Exam G Flashcards

2
Q

QUESTION 1 Separation of duties is often implemented between developers and administrators in order to separate which of the following? A. More experienced employees from less experienced employees B. Changes to program code and the ability to deploy to production C. Upper level management users from standard development employees D. The network access layer from the application access layer

A

B. Changes to program code and the ability to deploy to production

3
Q

QUESTION 2 Which of the following will require exceptions when considering the use of 802.1x port security? A. Switches B. Printers C. Laptops D. Desktops

A

B. Printers

4
Q

QUESTION 3 Which of the following may cause Jane, the security administrator, to seek an ACL work around? A. Zero day exploit B. Dumpster diving C. Virus outbreak D. Tailgating

A

A. Zero day exploit

5
Q

QUESTION 4 Which of the following is MOST likely to lead to a breach of security in which Matt, an unauthorized employee, accidentally views sensitive data? A. Lack of business continuity plan B. Lack of logging and auditing access to files C. Lack of chain of custody procedure D. Lack of data labeling, handling, and disposal policies

A

D. Lack of data labeling, handling, and disposal policies

6
Q

QUESTION 5 A security administrator needs to update the OS on all the switches in the company. Which of the following MUST be done before any actual switch configuration is performed? A. The request needs to be sent to the incident management team. B. The request needs to be approved through the incident management process. C. The request needs to be approved through the change management process. D. The request needs to be sent to the change management team.

A

C. The request needs to be approved through the change management process.

7
Q

QUESTION 6 Jane, an individual, has recently been calling various financial offices pretending to be another person to gain financial information. Which of the following attacks is being described? A. Phishing B. Tailgating C. Pharming D. Vishing

A

D. Vishing

8
Q

QUESTION 7 The security administrator wants each user to individually decrypt a message but allow anybody to encrypt it. Which of the following MUST be implemented to allow this type of authorization? A. Use of CA certificate B. Use of public keys only C. Use of private keys only D. Use of public and private keys

A

D. Use of public and private keys

9
Q

QUESTION 8 Jane, a user in the company, is in charge of various financial roles but needs to prepare for an upcoming audit. She uses the same account to access each financial system. Which of the following security controls will MOST likely be implemented within the company? A. Account lockout policy B. Account password enforcement C. Password complexity enabled D. Separation of duties

A

D. Separation of duties

10
Q

QUESTION 9 Pete, an employee, is granted access to only areas of a network folder needed to perform his job. Which of the following describes this form of access control? A. Separation of duties B. Time of day restrictions C. Implicit deny D. Least privilege

A

D. Least privilege

11
Q

QUESTION 10 A security administrator notices unusual activity from a default account when reviewing system logs and finds the account has been compromised. After investigating the incident, the administrator determines the account can be disabled to prevent any further incidents because the account was not necessary for any job functions. Which of the following could have prevented this incident? A. Enhanced password complexity B. Disabling unnecessary accounts C. Reviewing centralized logs D. Disabling unnecessary services

A

B. Disabling unnecessary accounts

12
Q

QUESTION 11 A CRL is comprised of: A. malicious IP addresses B. trusted CAs. C. untrusted private keys. D. public keys

A

D. public keys

13
Q

QUESTION 12 Which of the following can be implemented to prevent Matt, a user, from connecting a hub or switch to a single switch port to access network resources with multiple devices? (Select TWO). A. Subnetting B. NAC C. VLAN D. DMZ E. Port security

A

B. NAC - Network Access Control E. Port security

14
Q

QUESTION 13 Which of the following devices utilizes behavior heuristics to detect or prevent intrusion into network resources? A. NIPS B. VPN concentrators C. NAT router D. Flood guard

A

A. NIPS - Network-Based Intrusion Prevention System

15
Q

QUESTION 14 Which of the following may significantly reduce data loss if multiple drives fail at the same time? A. Virtualization B. RAID C. Load balancing D. Server clustering

A

B. RAID

16
Q

QUESTION 15 Which of the following would MOST likely belong in the DMZ? (Select TWO). A. Finance servers B. Backup servers C. Web servers D. SMTP gateways E. Laptops

A

C. Web servers D. SMTP gateways

17
Q

QUESTION 16 Which of the following protocols would MOST likely be implemented if Pete, a user, wants to transfer files reliably from one location to another? A. SNMP B. SSH C. ICMP D. SFTP

A

D. SFTP - Secure File Transfer Protocol 115 (SSH)

18
Q

QUESTION 17 A server containing critical data will cost the company $200/hour if it were to be unavailable due to DoS attacks. The security administrator expects the server to become unavailable for a total of two days next year. Which of the following is true about the ALE? A. The ALE is $48. B. The ALE is $400. C. The ALE is $4,800. D. The ALE is $9,600.

A

D. The ALE is $9,600.

19
Q

QUESTION 18 Jane, a user, installs software downloaded from a trusted website. The installed software causes unwanted pop-ups for pharmaceuticals. Which of the following BEST describes the type of threat? A. Trojan B. Backdoor C. Spyware D. Adware

A

D. Adware

20
Q

QUESTION 19 Sara, a security administrator, notices a number of ports being scanned on the perimeter firewall. At first the scanning appears random, but after monitoring the logs for 30 minutes, she determines that the whole port range is being scanned and all TCP flags are being turned on. Which of the following BEST describes this type of threat? A. Smurf attack B. X-Mas attack C. Spoofing D. Malicious insider threat

A

B. X-Mas attack

21
Q

QUESTION 20 The Chief Information Officer (CIO) receives a call from an individual who states they are from the IT department. The caller wants to know the CIO's ID and password to validate their account as part of a yearly account revalidation process. Which of the following BEST describes this scenario? A. Spam B. Hoax C. Spoofing D. Vishing

A

D. Vishing

22
Q

QUESTION 21 To reduce an organization’s risk exposure by verifying compliance with company policy, which of the following should be performed periodically? A. Qualitative analysis B. Quantitative analysis C. Routine audits D. Incident management

A

C. Routine audits

23
Q

QUESTION 22 A buffer overflow can result in which of the following attack types? A. DNS poisoning B. Zero-day C. Privilege escalation D. ARP poisoning

A

C. Privilege escalation

24
Q

QUESTION 23 Which of the following is an authentication service that uses UDP as a transport medium? A. TACACS+ B. LDAP C. Kerberos D. RADIUS

A

D. RADIUS - Remote Authentication Dial-In User Service

25
Q

QUESTION 24 Which of the following is true concerning WEP security? A. WEP keys are transmitted in plain text. B. The WEP key initialization process is flawed. C. The pre-shared WEP keys can be cracked with rainbow tables. D. WEP uses the weak RC4 cipher.

A

B. The WEP key initialization process is flawed. (Wired Equivalent Privacy)

26
Q

QUESTION 25 Matt, a security administrator, wants to secure VoIP traffic on the internal network from eavesdropping. Which of the following would MOST likely be used? A. SSL B. SSH C. QoS D. IPSec

A

D. IPSec - Internet Protocol Security

27
Q

QUESTION 26 Pete works for a subsidiary company that processes secure transactions for the parent company. Which of the following can be employed to ensure the parent company has access to the subsidiary’s encrypted data in an emergency? A. Trust model B. Public key infrastructure C. Symmetrical key encryption D. Key escrow

A

D. Key escrow

28
Q

QUESTION 27 Which of the following can be used on a smartphone to BEST protect against sensitive data loss if the device is stolen? (Select TWO). A. Tethering B. Screen lock PIN C. Remote wipe D. Email password E. GPS tracking F. Device encryption

A

C. Remote wipe F. Device encryption

29
Q

QUESTION 28 Which of the following social engineering attacks is meant for a high-ranking corporate employee? A. Pharming B. Whaling C. Hoax D. Vishing

A

B. Whaling

30
Q

QUESTION 29 Which of the following is an advantage of using group policy to redirect users’ local folders to networked drives in regards to data loss prevention? A. Sensitive data is not stored on a local computer. B. Users can track their data for unauthorized revisions. C. Incremental back-ups are stored locally for easy access. D. The users are more aware of where their data is stored.

A

A. Sensitive data is not stored on a local computer.

31
Q

QUESTION 30 In the case of laptop theft, which of the following is the BEST action to take to prevent data theft? A. Sensitive data is not stored on a local computer. B. Install the operating system on a non-default partition letter. C. Set a BIOS password that must be entered upon system boot. D. Enforce a strict complex operating system password.

A

A. Sensitive data is not stored on a local computer.

32
Q

QUESTION 31 Pete, a security administrator, has implemented a policy to prevent data loss. Which of the following is the BEST method of enforcement? A. Internet networks can be accessed via personally-owned computers. B. Data can only be stored on local workstations. C. Wi-Fi networks should use WEP encryption by default. D. Only USB devices supporting encryption are to be used.

A

D. Only USB devices supporting encryption are to be used.

33
Q

QUESTION 32 Sara, a security administrator, needs to implement the equivalent of a DMZ at the datacenter entrance. Which of the following must she implement? A. Video surveillance B. Mantrap C. Access list D. Alarm

A

B. Mantrap

34
Q

QUESTION 33 Jane, a security analyst, is reviewing logs from hosts across the Internet which her company uses to gather data on new malware. Which of the following is being implemented by Jane’s company? A. Vulnerability scanner B. Honeynet C. Protocol analyzer D. Port scanner

A

B. Honeynet

35
Q

QUESTION 34 Sara, a senior programmer for an application at a software development company, has also assumed an auditing role within the same company. She will be assessing the security of the application. Which of the following will she be performing? A. Blue box testing B. Gray box testing C. Black box testing D. White box testing

A

D. White box testing

36
Q

QUESTION 35 Which of the following procedures would be used to mitigate the risk of an internal developer embedding malicious code into a production system? A. Audit management B. Mobile device management C. Incident management D. Change management

A

D. Change management

37
Q

QUESTION 36 Mike, a security analyst, is looking to reduce the number of phishing emails received by employees. Which of the following solutions helps prevent this from occurring? A. HIDS B. NIDS C. Antivirus D. Spam filter

A

D. Spam filter

38
Q

QUESTION 37 Which of the following BEST describes a directory traversal attack? A. A malicious user can insert a known pattern of symbols in a URL to access a file in another section of the directory. B. A malicious user can change permissions or lock out user access from a webroot directory or subdirectories. C. A malicious user can delete a file or directory in the webroot directory or subdirectories. D. A malicious user can redirect a user to another website across the Internet.

A

A. A malicious user can insert a known pattern of symbols in a URL to access a file in another section of the directory.

39
Q

QUESTION 38 In her morning review of new vendor patches, Jane has identified an exploit that is marked as critical. Which of the following is the BEST course of action? A. Jane should wait seven days before testing the patch to ensure that the vendor does not issue an updated version, which would require reapplying the patch. B. Jane should download the patch and install it to her workstation to test whether it will be able to be applied to all workstations in the environment. C. Jane should alert the risk management department to document the patch and add it to the next monthly patch deployment cycle. D. Jane should download the patch to the test network, apply it to affected systems, and evaluate the results on the test systems.

A

D. Jane should download the patch to the test network, apply it to affected systems, and evaluate the results on the test systems.

40
Q

QUESTION 39 Matt, a security administrator, has noticed that the website and external systems have been subject to many attack attempts. To verify integrity of the website and critical files, Matt should: A. require all visitors to the public web home page to create a username and password to view the pages in the website. B. configure the web application firewall to send a reset packet to the incoming IP from where an attack or scan signature has been detected. C. create file hashes for website and critical system files, and compare the current file hashes to the baseline at regular time intervals. D. reboot the web server and database server nightly after the backup has been completed.

A

C. create file hashes for website and critical system files, and compare the current file hashes to the baseline at regular time intervals.

41
Q

QUESTION 40 Jane, a security technician, needs to open ports on a firewall to allow for domain name resolution. Which of the following ports should Jane open? (Select TWO). A. TCP 21 B. TCP 23 C. TCP 53 D. UDP 23 E. UDP 53

A

C. TCP 53 (53 is DNS) E. UDP 53

42
Q

QUESTION 41 Pete, a security administrator, is working with Jane, a network administrator, to securely design a network at a new location. The new location will have three departments which should be isolated from each other to maintain confidentiality. Which of the following design elements should Pete implement to meet this goal? A. VLANs B. Port security C. VPNs D. Flood guards

A

A. VLANs

43
Q

QUESTION 42 Sara, a security administrator, is configuring a new firewall. She has entered statements into the firewall configuration as follows:
Allow all Web traffic
Deny all Telnet traffic
Allow all SSH traffic
Mike, a user on the network, tries unsuccessfully to use RDP to connect to his work computer at home. Which of the following principles BEST explains why Mike’s attempt to connect is not successful? A. Explicit deny B. Loop protection C. Implicit deny D. Implicit permit

A

C. Implicit deny

44
Q

QUESTION 43 Jane, a security administrator, notices that a program has crashed. Which of the following logs should Jane check? A. Access log B. Firewall log C. Audit log D. Application log

A

D. Application log

45
Q

QUESTION 44 A process in which the functionality of an application is tested with some knowledge of the internal mechanisms of the application is known as: A. white hat testing B. black box testing C. black hat testing D. gray box testing

A

D. gray box testing

46
Q

QUESTION 45 Which of the following passwords is the LEAST complex? A. MyTrain!45 B. Mytr@in!! C. MyTr@in12 D. MyTr@in#8

A

B. Mytr@in!!

47
Q

QUESTION 46 Which of the following security benefits would be gained by disabling a terminated user account rather than deleting it? A. Retention of user keys B. Increased logging on access attempts C. Retention of user directories and files D. Access to quarantined files

A

A. Retention of user keys

48
Q

QUESTION 47 Which RAID level is LEAST suitable for disaster recovery plans? A. 0 B. 1 C. 5 D. 6

A

A. 0

49
Q

QUESTION 48 Which of the following security architecture elements also has sniffer functionality? (Select TWO). A. HSM B. IPS C. SSL accelerator D. WAP E. IDS

A

B. IPS - Intrusion Prevention System E. IDS - Intrusion Detection System

50
Q

QUESTION 49 Upper management decides which risk to mitigate based on cost. This is an example of: A. Qualitative risk assessment B. Business impact analysis C. Risk management framework D. Quantitative risk assessment

A

D. Quantitative risk assessment

51
Q

QUESTION 50 Isolation mode on an AP provides which of the following functionality types? A. Segmentation of each wireless user from other wireless users B. Disallows all users from communicating directly with the AP C. Hides the service set identifier D. Makes the router invisible to other routers

A

A. Segmentation of each wireless user from other wireless users

52
Q

QUESTION 51 Employees are reporting that unauthorized personnel are in secure areas of the building. This is MOST likely due to lack of security awareness in which of the following areas? A. Impersonation B. Logical controls C. Physical security controls D. Access control policy

A

C. Physical security controls

53
Q

QUESTION 52 A forensic image of a hard drive has been created. Which of the following can be used to demonstrate the image has not been tampered with? A. Chain of custody B. Document the image file’s size and time stamps C. Encrypt the image file D. Hash of the image file

A

D. Hash of the image file

54
Q

QUESTION 53 Which of the following secure protocols is MOST commonly used to remotely administer Unix/Linux systems? A. SSH B. SCP C. SFTP D. SNMP

A

A. SSH - Secure Shell 22

55
Q

QUESTION 54 Sara, the network administrator, was alerted to an unauthorized email that was sent to specific VIPs in the company with a malicious attachment. Which of the following types of attacks is MOST likely being described? A. Vishing B. Whaling C. DDoS D. Pharming

A

B. Whaling

56
Q

QUESTION 55 In the event of a mobile device being lost or stolen, which of the following BEST protects against sensitive information leakage? A. Cable locks B. Remote wipe C. Screen lock D. Voice encryption

A

B. Remote wipe

57
Q

QUESTION 56 Which of the following should Sara, a security administrator, perform periodically to reduce an organization’s risk exposure by verifying employee access? A. Account revalidation B. Incident management C. Qualitative analysis D. Quantitative analysis

A

A. Account revalidation

58
Q

QUESTION 57 Which of the following is the MAIN benefit of server-side versus client-side input validation? A. Server-side input validation results in a more secure system than client-side input validation. B. Client-side input validation can lead to local buffer overflows while server-side input validation can lead to remote buffer overflow. C. Client-side input validation results in a more secure system than server-side input validation. D. Server-side input validation is prone to buffer overflows while client-side input validation is not.

A

A. Server-side input validation results in a more secure system than client-side input validation.

59
Q

QUESTION 58 Which of the following is MOST appropriate when storing backup tapes in a physically non-secure room? A. Use an in-tape GPS tracking device. B. Store the tapes in a locked safe. C. Encrypt the tapes with AES. D. Securely wipe the tapes.

A

B. Store the tapes in a locked safe.

60
Q

QUESTION 59 Grandfather-Father-Son and Tower of Hanoi are common: A. Trojans that collect banking information. B. Backup tape rotation strategies. C. Penetration testing best practices. D. Failover practices in clustering.

A

B. Backup tape rotation strategies.

61
Q

QUESTION 60 Sara, an employee, unintentionally downloads malware that exploits a known vulnerability. Which of the following needs to be enforced to keep this incident from recurring in the future? A. Input validation B. Active pop-up blocker C. Application hardening and error validation D. Patch management

A

D. Patch management