failed questions

Question 1

s the network admin of a large trucking company, network troubleshooting has become a main stay of your job responsibilities. During the process of troubleshooting a problem or condition on the network that needs to be identified and rectified your selection of the correct tool becomes very important to identify the problem. Which networking tool can identify problems with the DNS and query specific DNS servers to verify it’s functionality?

Answer 1

Nslookup

Question 2

Which of the following determines the correct response to PTI incident?

Privacy impact assessment
Privacy threshold assessment
RPO

Answer 2

Privacy impact assessment

Question 3

Which of the following identifies system that process private information?
Privacy impact assessment
Privacy threshold assessment
RPO

Answer 3

Privacy threshold assessment

Question 4

Which of the following is the amount of time that can elapse after a failure before system returns to normal?

Privacy impact assessment
Privacy threshold assessment
RPO

Answer 4

RPO

Question 5

Ted is a network tech in your company and has shared his testing results with you to highlight his results. Which network tool is shown in the exhibit?

Answer 5

Microsoft Network Monitor

Question 6

Which two are technologies that have intrinsic security weaknesses?

Answer 6

Operating systems

TCP/IP

Question 7

When allowing BYOD in your office, you want to ensure mandatory manufacturer specific code signing on all mobile devices in the environment. Which mobile OS does NOT require this capability?

Answer 7

Android

Question 8

Which of the following is true about voice encryption on mobile phones?

Answer 8

Encrypted transmissions work by adding cryptography to digitized conversations.

Question 9

The acronym HTTPS identifies which of the choices listed below?

Answer 9

Correct answer: Hypertext Transfer Protocol Secure

Question 10

Active FTP is a considerable security risk because it allows which type of connections?

Answer 10

inbound

Question 11

You are working with a networking manager at a client’s firm, and during a planning meeting with the client, the issue of virtual machine point-in-time snapshots comes up. You recommend careful use of snapshots because of the security ramifications. Your concern involves which of the following?

Answer 11

Invoked snapshots will have fewer patch updates than the currently running virtual machine.

Question 12

Which class represents the recommended fire suppression method for an electrical fire?

Answer 12

Class C (argon)

Question 13

Which of the following protocols does not send credentials over the network and requires that both parties have a shared secret to compute the hash?

Answer 13

MS-CHAPv2

Question 14

The financial institution you work for is experiencing small continued losses that were identified by the auditors as internal. Which countermeasure would you first take to stop the loss without arousing suspicion?

Answer 14

least privilege

Question 15

The Bonanza Mining Corporation (BMC) has 26,640 hard drive units. On average they were run for 873 hours each and they experienced 21 failures, what is the MTBF for BMC? Round up your result to the nearest hour.

Answer 15

1,107,463

Question 16

What provides secure access to corporate data in accordance with management policies?

Answer 16

technical controls

Question 17

Instant Messaging programs have very serious security issues. Name them (3)

Answer 17

The communications are not encrypted.
They can provide access to sensitive or confidential data.
It is possible to transmit files that contain viruses and Trojan horses.

Question 18

n cryptography, when subtle input changes make a radical change in the output, this is referred to as which of the following?

Answer 18

diffusion

Question 19

Which term most accurately describes smartcards?

Answer 19

low power

Question 20

Which is the protocol used by browsers to obtain the revocation status of a digital certificate attached to a website?

Answer 20

OCSP

Question 21

One of your users, Christine, reports that when she visits web sites, pop-up advertisements appear incessantly. After further investigation, you learn that one of the web sites she had visited had infected Flash code. Christine asks what the problem was. What do you tell her caused the problem?

Answer 21

Adware

Question 22

Employees with company laptops are given a cable lock and told to lock down their laptops when stepping away from the device while out of the office. To which class of security control does this apply?

Answer 22

Preventative

Question 23

four steps in a secure deployment environment into the correct order.

Answer 23

Dev, test, Staging, Prod

Question 24

A Birthday attack is an example of which type of attack

Answer 24

Brute force attack

Question 25

You have been tasked with gathering information on a company by sending what looks like normal Internet traffic. Your reconnaissance can involve browsing the DNS requests and records for publicly available content only. Which form of penetration testing are you being asked to conduct?

Answer 25

Semi-passive information gathering

Question 26

A piece of malware replaces a library of running code within the addresses space of a program, forcing it to load a library. Which of the following vulnerabilities describes this type of security issue?

Answer 26

DLL injection

Question 27

What is the maximum transmission rate supported by the 802.11a standard?

Answer 27

54 mbps

Question 28

Which of the following security measures would be in place on a mobile device that would cause a user to be locked out when a set number of failed attempts to logon were attempted?

Answer 28

Screen Lock

Question 29

Using the FTP PORT command in an attack is referred to as which of the attack types listed below?

Answer 29

Bounce Attack

Question 30

The majority of online transactions today use which authentication method?

Answer 30

Simple Passwords

Question 31

Which choice below best describes the networking technology that enables one network to send its data over another network’s connections?

Answer 31

Tunneling

Question 32

A client has hired you to implement some network security solutions that were recommended in the results of a network security audit. All clients connecting to the network must have a host-based firewall enabled and must have an up-to-date anti-virus solution installed. Which of the following will you implement to meet the concerns of the security audit and management?

Answer 32

NAC

Question 33

Your company has a mission critical server that data can be recovered from in the event of two hard disk failures. What RAID level should you implement on this server?

Answer 33

RAID 6

Question 34

Which door lock type is considered most secure?

Answer 34

Biometric lock

Question 35

Which network authentication protocol performs authentication of a user to a network entity?

Answer 35

CHAP

Question 36

Which LDAP operation will discontinue an operation that is in progress?

Answer 36

Abandon

Question 37

Where does the RADIUS client/server architecture store its security information?

Answer 37

In a single, central database.

Question 38

Which IEEE standard provides the highest degree of port security by using switch/port authentication, disabling the port completely if a device does not authenticate?

Answer 38

802.1x

Question 39

The specification for the behavior of ports providing remote access using SNMP is controlled by which IEEE specification?

Answer 39

802.1x

Question 40

ou have been requested to modify the Accounting Group policy to permit secure file transfers. You have made the changes and now want to be sure the policy gets updated. At the Command Prompt, what command would you type to execute this?

Answer 40

gpupdate

Question 41

Of the choices provided, which authentication method provides access based on transferring the username and password being exchanged and compared against an encrypted password file on the access server? If the password sent across the network is a match the associated UserID the connection is established. Since the password exchange can be intercepted the method is not considered to be secure.

Answer 41

pap

Question 42

RADIUS provides a system of distributed security for networks and network services. The primary use is to facilitate which type of connection shown below?

Answer 42

Remote

Question 43

As the network admin in charge of endpoint protection, you have noticed a spike in incidents involving removable media, specifically USB drives, and are concerned about future events that may occur. You are preparing a document to cover how occurrences can be prevented and how future responses can be improved. What type of document are you preparing?

Answer 43

After action report

Question 44

Which block cipher mode uses a pseudo-random-number generator for results in reasonable unpredictable values?

Answer 44

CTM

Question 45

Which wireless authentication protocol does not use PKI certificates and sends usernames in plain text?

Answer 45

LEAP

Question 46

In order to create your own PGP certificate, you must request and be issued specific documentation from a certification authority. Which choice below correctly identifies this documentation?

Answer 46

X.509 certificate

Question 47

While setting up your company’s e-commerce web server, you must protect multiple different domains, what type of certificate could you choose to use?

Answer 47

SAN certificate

Question 48

The day before a major downturn in stock prices, Ellen purchased 100 shares of Y. Z. company stock on behalf of Chester, based on an email she’d received from him. Chester now refutes the transaction, stating that he never ordered the shares. What could they have used to verify their identities to each other?

Answer 48

A certification authority

Question 49

Steganography is the process of hiding messages in digital media. What is the most common way these messages are encoded?

Answer 49

Least significant bit