Implementation Flashcards
Which of the following access control models is the most flexible and allow the resources owner to control the access permissions?
(A)DAC
(B)MAC
(C)ABAC
(D)RBAC
(A)DAC(Stresses the importance of the owner. The original creator is considered the owner an can assign permission.)
Chris just downloaded a new third-party email client for his smartphone. When Chris attempts to log in to his email with his username and password the email client generates an error messaging stating that “invalid credentials “ were entered. Chris assumes he must have forgotten his password , so he resets his email username and password and then reenters them into email client. AGAIN, Chris receives an invalid credentials error. What is Most likely causing the Invalid Credentials error regarding Chris email client?
(A)His email account requires a strong password to be used..
(B)His email account is locked out
(C)His email account requires multi factor authentication
(D)His Smartphone has full device encryption enabled
(C)His email account requires Multi-Facor authentication
You received an incident response report indicating apiece of malware was introduced into the company’s network through a remote workstation connected to the company’s servers over a VPN connection. Which of the following controls should be applied to prevent this type of incident from occurring again?
(A)NAC
(B)ACL
(C)MAC Filtering
(D)SPF
(NAC) is an approach to computer security that attempts to unify endpoint security technology.
Your home network is configured with a long, strong, and complex pre shared key for its WPA2 encryption. You noticed that your wireless network has been running slow, so you checked the list of ‘connected client’ and see that ‘Bob’s laptop’ is connected to it. Bob lives downstairs and is the maintenance man for your apartment building. You know that you never gave Bob your password, but somehow he has figured out how to connect to your wireless network. Which of the following actions should you take to prevent anyone from connecting to your wireless network without the proper WPA3 password?
(A)Disable WPS
(B)Disable WPA3
(C)Enable WEP
(D)Disable SSID
(A)Disable WPS(Unfortunately, WPS is vulnerable to a brute-force attack and is easily compromised. Therefore, WPS should be Disabled on all wireless networks. Bob could press WiFi button to connect.
Which mobile device strategy is most likely to introduce vulnerable devices to a corporate network?
(A)COPE
(B)BYOD
(C)MDM
(D)CYOD
BYOD(Brining yor own device that connected to company system opens up to many vulnerabilities)
With of the following features is supported by Kerberos but not RADIUS?
(A)Services for authentication
(B)XML for cross platform interoperability
(C)Tickets used to identify authenticated users
(D)SSO Capabilty
(C)Kerberos is all about tickets. Kerberos uses a system of tickets to allow nodes to communicate over a non-secure network and securely proves their identity.
Why would a company want to utilize a wildcard certificate for their servers?
(A)To reduce the certificate management burden
(B)To secure the certificate private key
(C)To increase the certificate encryption key length
(D)To extend the renewal date of the certificate
(A) To Reduce the certificate management
Burden(Is a public key that saves money and reduce the management burden of managing multiple certificates)
What control provides the best protection against both SQL injection and cross site scripting attacks?
(A)Network layet Firewall
(B)Input Validation
(C)CSRF
(D)Hypervisors
(B)Input Validation prevents the attacker from sending invalid data to an application and is a strong control against both SQL injection and cross site scripting attacks.
A company netflow collection system can handle up to 2 Gbps. Due to excessive load, this excessive load this has begun to approach full utilization at various times of day. If the security team does not have additional money in their budget to purchase a more capable collector, which of the following options could they use to coll useful data?
(A)Enable sampling of the data
(B)Enable full packet capture
(C)Enable Qos
(D)Enable NetFlow compression
(A) Sampling can help them capture network flows that cold be useful without collecting everything passing through the sensor.
A company needs to implement stronger authentication by adding an authentication factor to its wireless system. The wireless system only supports WPA with pre shaved keys, but the backend authentication system supports EAP and TTLS. What should the network administrator implement?
(A)PKI with user authentication
(B)MAC address filtering with IP filtering
(C)802.1x using EAP with MSCAPv2
(D)WPA2 with a complex shared key
(C)Since the backend uses RADIUS server for backend authentication, the network administrator can install 802.1x using EAP with Ms for authentication.
Which of the following would NOT be included in a company’s password policy?
(A)Password Style
(B)Password History
(C)Password Complexity Requirements
(D)Password Age
(A) A Password policy is a set of rules that must be followed for security reasons. A security awareness would include a Password complexity, age, and history requirements.
Whay type of wireless security measures can easily be defeated by a hacker by spoofing their network interface card’s hardware address?
(A)Disable SSID braodcadt
(B)WPS
(C)MAC filtering
(D)WEP
(C) WAP uses Mac Filtering to ensure only known network interface cards are allowed to connect to the network.
Which type of threat will patches NOT effectively combat as a security control?
(A)Zero Day Attack
(B)Malware with defined indicator
(C)Discovered Software Bugs
(D)Known Vulnerability
A Zero Day Attack
Which of the following describes the security method used when users enters their username and password only once and can access multiple application?
(A)Inheritance
(B)Mulfifactor Authentication
(C)SSO
(D)Permission Propagation
(C)SSO allows you to access multiple systems with one sign on.
The email client on a desktop workstation is acting strangely. Evertimethe user opens an email with an image embedded within it, is not displayed on their screen. Which of the following is the MOST likely causes of this issue?
(A)Incorrect email settings in the anti-virus software
(B)Incorrect settings in the host based firewall
(C)Incorrect settings in your email proxy server
(D)Incorrt setting in your web browsers trusted site configuration
(E)Incorrect security settings in the email client
(E) This is a security setting on the mail client to prevent malicious malware and viruses from entering you environment.
David Noticed that port 3389 was open on one of the POS terminals in a store during a scheduled PCI compliance scan. Based on the scan results, what service should he expect to find enabled on this terminal?
(A)RDP
(B)IMAP
(C)MYSQL
(D)LDAP
(A)RDP(Port 3389 is an RDP used for Remote Desktop Protocal.)
Which of the following types of digital forensic investigation is the most challenging due to the on demand nature of the analyzed assets?
(A)On Premise Servers
(B)Cloud Service
(C)mobile Device
(D)Employee Workstation
(B)Cloud Sevice( The on demand nature of Cloud Services means that instance are often created and destroyed again, with no real opportunity for forensic recovery of any data)
Ryan needs to verify the installation of a critical Windows patch on his organization workstation. Which method would be the most efficient to validate the current patch status for all of the organization Windows 10 Workstation?
A. Check the update History Manually
B. Conduct a registry scan off each workstation to validate the patch was installed
C. Create and run owerShell script to search for the specific patch in question
D. Use an Endpoint manager to validate patch Status for each machine on the domain
D. Use an endpoint manager to validate patch status for each machine on the domain
You are reviewing a rule within your organization’s IDS. You see the following output: Based on this rule, which of the following malicious packets would this IDS alert on?
A. A malicious outbound TCP Packet
B. A malicious outbound packets
C. A malicious inbound TCP Packet
D. A malicious inbound packets
C. A malicious inbound TCP Packet
OBJ-3.3: The rule header is set to alert only on TCP packets based on this IDS rule’s first line. The flow condition is set as “to_client, established,” which means that only inbound traffic will be analyzed against this rule and only inbound traffic for connections that are already established. Therefore, this rule will alert on an inbound malicious TCP packet only when the packet matches all the conditions listed in this rule. This rule is an example of a Snort IDS rule. For the exam, you do not need to create your own IDS rules, but you should be able to read them and pick out generic content like the type of protocol covered by the signature, the port to be analyzed, and the direction of flow.
(Sample Simulation – On the real exam for this type of question, you would have to rearrange the ports into the proper order by dragging and dropping them into place.) Using the image provided, place the port numbers in the correct order with their associated protocols:
A. 389,88,1701,3389
B.1701,3389,88,389
C.3389,1701,389,88
D.88,389,3389,1701
C.3389,1701,389,88
OBJ-3.1: For the exam, you need to know your ports and protocols. The Remote Desktop Protocol (RDP) operates over port 3389. Layer 2 Tunneling Protocol (L2TP) operates over port 1701. The Lightweight Directory Access Protocol (LDAP) operates over port 389. Kerberos operates over port 88.
The Pass Certs Fast corporation has recently been embarrassed by several high-profile data breaches. The CIO proposes improving the company’s cybersecurity posture by migrating images of all the current servers and infrastructure into a cloud-based environment. What, if any, is the flaw in moving forward with this approach?
A. The attack assumes that the on-site admin will provide better security then the cloud provider.
B. This approach only changes the location of the network and not the network’s attack surface.
C. This is a reasonable approach that will increase the security of the servers and infrastructure
D. The company has already paid for the physical server and will not fully realize their ROI on them do to the mitigation.
B. This approach only changes the location of the network and not the network’s attack suface.
Your company just launched a new invoicing website for use by your five largest vendors. You are the cybersecurity analyst and have been receiving numerous phone calls that the webpage is timing out, and the website overall is performing slowly. You have noticed that the website received three million requests in just 24 hours, and the service has now become unavailable for use. What do you recommend should be implemented to restore and maintain the availability of the new invoicing system?
A. Implement an allow list
B.VPN
C. Intrusion Detection System
D.MAC Filtering
A. Implement an allow list
Which of the following ports should you block at the firewall if you want to prevent a remote login to a server from occurring?
A. 80
B. 143
C. 22
D. 21
C.22
Your organization has recently suffered a data breach due to a server being exploited. As a part of the remediation efforts, the company wants to ensure that the default administrator password on each of the 1250 workstations on the network is changed. What is the easiest way to perform this password change requirement?
A. Utilize the escrow process
B. Deploy a new group policy
C. Create a new security group
D. Revoke the digital certificate
B. Deploy a new group policy
Dion Training utilizes a wired network throughout the building to provide network connectivity. Jason is concerned that a visitor might plug their laptop into a CAT 5e wall jack in the lobby and access the corporate network. What technology should be utilized to prevent users from gaining access to network resources if they can plug their laptops into the network?
A. VPN
B. DMZ
C. UTM
D. NAC
D. NAC
Your company has an office in Boston and is worried that its employees may not reach the office during periods of heavy snowfall. You have been asked to select a technology that would allow employees to work remotely from their homes during poor weather conditions. Which of the following should you select?
A. IDS
B. NAT
C. VLAN
D. VPN
D. VPN
A corporate workstation was recently infected with malware. The malware was able to access the workstation’s credential store and steal all the usernames and passwords from the machine. Then, the malware began to infect other workstations on the network using the usernames and passwords it stole from the first workstation. The IT Director has directed its IT staff to develop a plan to prevent this issue from occurring again. Which of the following would BEST prevent this from reoccurring?
A. Monitor all workstation
B. Install a host-based detection
C. Install a unified Threat Management
D. Install a anti-virus or anti-malware
D. Install a anti-virus or anti-malware
Which of the following is not normally part of an endpoint security suite?
A. Software Firewall
B. IPS
C. VPN
D. Anti-Virus
C. VPN
You are working for a government contractor who requires all users to use a PIV device when sending digitally signed and encrypted emails. Which of the following physical security measures is being implemented?
A. Biometric Reader
B. Cable Lock
C. Smart Card
D. Key Fob
C. Smart Card
Which of the following technologies is NOT a shared authentication protocol?
A. Facebook Content
B. QAuth
C. OpenID Connect
D. LDAP
D. LDAP
William would like to use full-disk encryption on his laptop. He is worried about slow performance, though, so he has requested that the laptop have an onboard hardware-based cryptographic processor. Based on this requirement, what should William ensure the laptop contains?
A. PAM
B. TPM
C. AES
D.FDE
B. TPM
You have just finished running a Nmap scan on a server are see the following output:
Based on the output above, which of the following ports listed as open represents the most significant security vulnerability to your network?
A.443
B.23
C.22
D.53
B.23
OBJ-3.1: Port 23 is used by telnet and is not considered secure because it sends all of its data in cleartext, including authentication data like usernames and passwords. As an analyst, you should recommend that telnet be disabled and blocked from use. The other open ports are SSH (port 22), DNS (port 53), and HTTPS (port 443).
Your team is developing an update to a piece of code that allows customers to update their billing and shipping addresses in the web application. The shipping address field used in the database was designed with a limit of 75 characters. Your team’s web programmer has brought you some algorithms that may help prevent an attacker from trying to conduct a buffer overflow attack by submitting invalid input to the shipping address field. Which pseudo-code represents the best solution to prevent this issue?
A. if(shippingAddress <=75){update field} else exit
B. if(shippingAddress !=75){update field} else exit
C. if(shippingAddress =75){update field} else exit
D. if(shippingAddress >=75){update field} else exit
if(shippingAddress <=75){update field} else exit
Which of the following policies should contain the requirements for removing a user’s access when an employee is terminated?
A. Account Management Policy
B. Data Ownership Policy
C. Data Retention Policy
D. Data Classification Policy
A. Account Management Policy
What tool is used to collect wireless packet data?
A. Netcat
B. John the Ripper
C. Aircrack-ng
D. Nessus
C. Aircrack-ng
A firewall administrator has configured a new screened subnet to allow public systems to be segmented from the organization’s internal network. The firewall now has three security zones set: Untrusted (Internet) [143.27.43.0/24]; DMZ (Screened Subnet) [161.212.71.0/24]; Trusted (Intranet) [10.10.0.0/24]. The firewall administrator has been asked to enable remote desktop access from a fixed IP on the remote network to a remote desktop server in the screened subnet for the Chief Security Officer to work from his home office after hours. The CSO’s home internet uses a static IP of 143.27.43.32. The remote desktop server is assigned a public-facing IP of 161.212.71.14. What rule should the administrator add to the firewall?
A. Permit 143.27.43.32 161.212.71.14 RDP 3389
B. Permit 143.27.43.0/24 161.212.71.14 RDP 3389
C. Permit 143.27.43.32 161.212.71.0/24 RDP 3389
D. Permit 143.27.43.0/24 161.212.71.0/24 RDP 3389
D. Permit
A. Permit 143.27.43.32 161.212.71.14 RDP 3389
Which of the protocols listed is NOT likely to trigger a vulnerability scan alert when used to support a virtual private network (VPN)?
A. SSLv2
B. PPTP
C. IPsec
D. SSLv3
C. IPsec
You need to determine the best way to test operating system patches in a lab environment before deploying them to your automated patch management system. Unfortunately, your network has several different operating systems in use, but you only have one machine available to test the patches on. What is the best environment to utilize to perform the testing of the patches before deployment?
A. Bypass testing and deploy
B. Virtualization
C. Sandboxing
D. Purchase additional workstation
B. Virtualization
A financial services company wants to donate some old hard drives from their servers to a local charity. The hard drives used in the servers are self-encrypting drives. Still, they are concerned about the possibility of residual data being left on the drives. Which of the following secure disposal methods would you recommend the company use?
A. Overwrite
B. Zero-fill
C. Secure erase
D. Cryptographic erase
D. Cryptographic Erase
A hacker successfully modified the sale price of items purchased through your company’s website. During the investigation that followed, the security analyst has verified the web server, and the Oracle database was not compromised directly. The analyst also found no attacks that could have caused this during their log verification of the Intrusion Detection System (IDS). What is the most likely method that the attacker used to change the items’ sale price?
A. Cross- Site Scripting
B. SQL Injection
C. Buffer Overflow attack
D. Changing hidden form values
D. Changing hidden form values
Which of the following access control methods utilizes a set of organizational roles in which users are assigned to gain permissions and access rights?
A. RBAC
B. ABAC
C. DAC
D. MAC
A. RBAC
Windows file servers commonly hold sensitive files, databases, passwords, and more. What common vulnerability is usually used against a Windows file server to expose sensitive files, databases, and passwords?
A. CRTL Injection
B. Missing Patches
C. Cross Site Scripting
D. SQL Injection
B. Missing Patches
Jason has installed multiple virtual machines on a single physical server. He needs to ensure that the traffic is logically separated between each virtual machine. How can Jason best implement this requirement?
A. Configure a switch on physical server
B. Install a virtual firewall
C. Create a virtual router
D. Create a system partitioning
A. Configure a switch on physical server
While working as a security analyst, you have been asked to monitor the SIEM. You observed network traffic going from an external IP to an internal host’s IP within your organization’s network over port 443. Which of the following protocols would you expect to be in use?
A. SSH
B. TLS
C. TFTP
D. HTTP
B. TLS
Which of the following protocols could be used inside a virtual system to manage and monitor the network?
A. SMTP
B. SNMP
C. BGP
D. EIGP
SNMP
You conducted a security scan and found that port 389 is being used when connecting to LDAP for user authentication instead of port 636. The security scanning software recommends that you remediate this by changing user authentication to port to 636 wherever possible. What should you do?
A. Create remediation action
B. Change all devices that support port 636 since port 389 is reserved
C. Change all devices that support port 636 since encrypted services
D. Mark as false positive
C. Change all devices that support port 636 since encrypted services
A software assurance test analyst performs a dynamic assessment on an application by automatically generating random data sets and inputting them in an attempt to cause an error or failure condition. Which technique is the analyst utilizing?
A. Sequential data sets
B. Static Code Analysis
C. Fuzzing
D. Known bad data injection
C. Fuzzing
You are configuring the ACL for the network perimeter firewall. You have just finished adding all the proper allow and deny rules. What should you place at the end of your ACL rules?
A. A SNMP deny string
B. An exploit deny statement
C. A time of day restriction
D. An exploit allow statement
B. An exploit deny statement
To improve the Dion Training corporate network’s security, a security administrator wants to update the configuration of their wireless network to have IPSec built into the protocol by default. Additionally, the security administrator would like for NAT to no longer be required for extending the number of IP addresses available. What protocol should the administrator implement on the wireless network to achieve their goals?
A. IPv4
B.WPA2
C. IPv6
D. WEP
C. IPv6
Which of the following does a User-Agent request a resource from when conducting a SAML transaction?
A. Relying Party(RP)
B. (IdP)
C. (SSO)
D. Service Provider(SP)
D. Service Provider(SP)
(Sample Simulation – On the real exam for this type of question, you would have to rearrange the ports into the proper order by dragging and dropping them into place.) Using the image provided, place the port numbers in the correct order with their associated protocols:
A. 23,110,22,161
B. 22,110,23,161
C. 22,110,161,23
D. 22,23,110,161
C. 22,110,161,23
OBJ-3.1: For the exam, you need to know your ports and protocols. The Secure Copy (SCP) operates over port 22. Telnet operates over port 23. The Simple Network Management Protocol (SNMP) operates over port 161. The Post Office Protocol 3 (POP3) operates over port 110.
Tim, a help desk technician, receives a call from a frantic executive who states that their company-issued smartphone was stolen during their lunch meeting with a rival company’s executive. Tim quickly checks the MDM administration tool and identifies that the user’s smartphone is still communicating with the MDM, and displays its location on a map. What should Tim do next to ensure the stolen device’s data remains confidential and inaccessible to the thief?
A. Remotely encrypt the System
B. Reset device password
C. Perform a remote wipe
D. Identify the IP Address of the smartphone
C. Perform a remote wipe
You have been asked to help design a new architecture for Dion Training’s website. The current architecture involves a single server that hosts the website in its entirety. The company’s newest course has been creating a lot of interest on social media. The CIO is concerned that the single server will not be able to handle the increased demand that could result from this increased publicity. What technology should you implement in the new architecture to allow multiple web servers to serve up the courses and meet this expected increase in demand from new students?
A. Load Balancer
B. DLP
C. RAID
D. VPN Concentrator
A. Load Balancer
You have been asked to recommend a capability to monitor all of the traffic entering and leaving the corporate network’s default gateway. Additionally, the company’s CIO requests to block certain content types before it leaves the network based on operational priorities. Which of the following solution should you recommend to meet these requirements?
A. Install firewall on router
B. Configure IP filtering
C. Installation of NIPs on internal and external
D. Installation of NIPs on internal interface
D. Installation of NIPs on internal interface
Your company is adopting a new BYOD policy for tablets and smartphones. Which of the following would allow the company to secure the sensitive information on personally owned devices and the ability to remote wipe corporate information without the user’s affecting personal data?
A. Long and Complex Password
B. Face ID
C. Touch ID
D. Containerization
D. Containerization
Susan, a help desk technician at Dion Training, has received several trouble tickets today related to employees receiving the same email as part of a phishing campaign. She has determined that the email’s malicious link is not being blocked by the company’s security suite when a user clicks the link. Susan asked you what action can be performed to prevent a user from reaching the website associated with the phishing email’s malicious link. What action do you recommend she utilize?
A. Add the malicious domain name to content filter
B. Forward the phishing email
C. Enable TLS
D. Block the IP Address
A. Add the malicious domain name to content filter
The digital certificate on the Dion Training web server is about to expire. Which of the following should Jason submit to the CA to renew the server’s certificate?
A. CRL
B. CSR
C. OCSP
D. Key Escrow
B. CSR
You are working in a doctor’s office and have been asked to set up a kiosk to allow customers to check in for their appointments. The kiosk should be secured, and only customers to access a single application used for the check-in process. You must also ensure that the computer will automatically log in whenever the system is powered on or rebooted. Which of the following types of accounts should you configure for this kiosk?
A. Power User
B. Remote Desktop User
C. Admin
D. Guest
D. Guest
Which of the following functions is not provided by a TPM?
A. User Authentication
B. Sealing
C. Binding
D. Remote Attestation
E. Random Number Generator
A. User Authentication
Which of the following tools could be used to detect unexpected output from an application being managed or monitored?
A. A log analysis tool
B. A behavior-based analysis tool
C. Manual Analysis
D. A signature based detection tool
B. A behavior-based analysis tool
What access control model will a network switch utilize if it requires multilayer switches to use authentication via RADIUS/TACACS+?
A. 802.1af
B. 811.1x
C. 802.1x
D. 811.1af
C. 802.1x
What should administrators perform to reduce a system’s attack surface and remove unnecessary software, services, and insecure configuration settings?
A. Windowing
B. Hardening
C. Stealthing
D. Harvesting
B. Hardening
Your organization has just migrated to provisioning its corporate desktops as virtual machines and accessing them using thin clients. The organization believes this will enhance security since the desktop can be rewritten with a new baseline image every time the user logs into it. Based on this scenario, which of the following technologies has the organization adopted?
A. VDI
B. VPC
C. UEBA
D. VPN
A. VDI
You have been investigating how a malicious actor could exfiltrate confidential data from a web server to a remote host. After an in-depth forensic review, you determine that a rootkit’s installation had modified the web server’s BIOS. After removing the rootkit and reflashing the BIOS to a known good image, what should you do to prevent the malicious actor from affecting the BIOS again?
A. Install an anti-malware application
B. Install a host-based IDS
C. Utilize Secure Boot
D. Utilize file integrity monitoring
A. Utilize Secure Boot
Dion Training just installed a new webserver within a screened subnet. You have been asked to open up the port for secure web browsing on the firewall. Which port should you set as open to allow users to access this new server?
A. 443
B. 21
C. 143
D. 80
A. 443
Which protocol relies on mutual authentication of the client and the server for its security?
A. Two Factor Authentication
B. CHAP
C. RADIUS
D. LDAPS
D. LDAPS
You are trying to select the best device to install to proactively stop outside attackers from reaching your internal network. Which of the following devices would be the BEST for you to select?
A. Syslog Server
B. IPS
C. IDS
D. Proxy Server
B. IPS
You are trying to select the best device to install to detect an outside attacker trying to reach into your internal network. The device should log the event, but it should not take any action to stop it. Which of the following devices would be the BEST for you to select?
A. IDS
B. Authentication Server
C. IPS
D. Proxy Server
A. IDS
Which of the following access control methods provides the most detailed and explicit type of access control over a resource?
A. ABAC
B. DAC
C. MAC
D. RBAC
A. ABAC
Your firewall is blocking outbound email traffic that is attempting to be sent. Which port should you verify is set to ALLOW in the firewall to ensure your emails are being sent?
A. 22
B. 143
C. 80
D. 25
D. 25
You are working as a network administrator for Dion Training. The company has decided to allow employees to connect their devices to the corporate wireless network under a new BYOD policy. You have been asked to separate the corporate network into an administrative network (for corporate-owned devices) and an untrusted network (for employee-owned devices). Which of the following technologies should you implement to achieve this goal?
A. WPA2
B. MAC Filtering
C. VLAN
D. VPN
C. VLAN
Users connecting to an SSID appear to be unable to authenticate to the captive portal. Which of the following is the MOST likely cause of the issue?
A. CSMA/CA
B. SSL Certificate
C. RADIUS
D. WPA2 Security key
C. RADIUS
Which of the following is the LEAST secure wireless security and encryption protocol?
A. Measured Booted
B. Master Boot Record Analytics
C. Startup Control
D. Advanced Anti Malware
A. Measured Booted
Which role validates the user’s identity when using SAML for authentication?
A.RP
B. IdP
C. SP
D. User Agent
B. IdP
Which of the following authentication protocols was developed by Cisco to provide authentication, authorization, and accounting services?
A. TACAST+
B. CHAP
C. RADIUS
D. Kerberos
A. TACAST+
(Sample Simulation – On the real exam for this type of question, you would have to rearrange the steps into the proper order by dragging and dropping them into place.) Using the image provided, place the port numbers in the correct order with their associated protocols.
A. 25,80,53,69
B. 80,53,69,25
C. 69,25,80,53
D. 53,69,25,80
C. 69,25,80,53
OBJ-3.1: For the exam, you need to know your ports and protocols. The Trivial File Transfer Protocol (TFTP) uses port 69. The Simple Mail Transfer Protocol (SMTP) uses port 25. The Hypertext Transfer Protocol (HTTP) uses port 80. The Domain Name Service (DNS) protocol uses port 53.
Which of the following protocols is commonly used to collect information about CPU utilization and memory usage from network devices?
A. Netflow
B. SNMP
C. MIB
D. SMTP
B. SNMP
Which of the following protocols is considered insecure and should never be used in your networks?
A. HTTPS
B. Telnet
C. SFTP
D. SSH
B. Telnet
Your company wants to provide a secure SSO solution for accessing both the corporate wireless network and its network resources. Which of the following technologies should be used?
A. WPS
B. WPA2
C. RADIUS
D. WEP
C. RADIUS
You are conducting an incident response and have traced the attack source to some compromised user credentials. After performing log analysis, you discover that the attack was successfully authenticated from an unauthorized foreign country. Your management is now asking for you to implement a solution to help mitigate this type of attack from occurring again. Which of the following should you implement?
A. Context- based authentication
B. Password complexity
C. Single Sign On
D. Self Service password reset
A. Context- based authentication
Which of the following password policies defines the number of previous passwords that cannot be reused when resetting a user’s password?
A. Password Complexity
B. Password History
C. Password Expiration
D. Password Length
B. Password History
An analyst reviews a triple-homed firewall configuration that connects to the internet, a private network, and one other network. Which of the following would best describe the third network connected to this firewall?
A. Staging Environment
B. Data Zone
C. Screened Subnet
D. Availability Zone
C. Screened Subnet
A new security appliance was installed on a network as part of a managed service deployment. The vendor controls the appliance, and the IT team cannot log in or configure it. The IT team is concerned about the appliance receiving the necessary updates. Which of the following mitigations should be performed to minimize the concern for the appliance and updates?
A. Scan and patch the device
B. Automatic Devices
C. Configuration Management
D. Vulnerability Scanning
D. Vulnerability Scanning
Michelle has just finished installing a new database application on her server. She then proceeds to uninstall the sample configuration files, properly configure the application settings, and update the software to the latest version according to her company’s policy. What best describes the actions Michelle just took?
A. Application Hardening
B. Input Validation
C. Vulnerability Scanning
D. Patch Management
A. Application Hardening
Which of the following is the leading cause for cross-site scripting, SQL injection, and XML injection attacks?
A. Directory Traversal
B. Faulty Input Validation
C. File Inclusion
D. Output Encoding
B. Faulty Input Validation
Dion Training uses an authentication protocol to connect a network client to a networked file server by providing its authentication credentials. The file server then uses the authentication credentials to issue an authentication request to the server running this protocol. The server can then exchange authentication messages with the file server on behalf of the client. Throughout this process, a shared secret is used to protect the communication. Which of the following technologies relies upon the shared secret?
A. PKI
B. LDAP
C. Kerberos
D. RADIUS
D. RADIUS
Which of the following identity and access management controls relies upon using a certificate-based authentication mechanism?
A. Smart Card
B. Proximity Card
C. HOTP
D. TOTP
A. Smart Card
Which of the following types of access control provides the strongest level of protection?
A. DAC
B. ABAC
C. MAC
D. RBAC
C. MAC
Dion Training allows its visiting business partners from CompTIA to use an available Ethernet port in their conference room to establish a VPN connection back to the CompTIA internal network. The CompTIA employees should obtain internet access from the Ethernet port in the conference room, but nowhere else in the building. Additionally, if any of the Dion Training employees use the same Ethernet port in the conference room, they should access Dion Training’s secure internal network. Which of the following technologies would allow you to configure this port and support both requirements?
A. Implement NAC
B. Create a ACL to allow access
C. MAC Filtering
D. Configure a SIEM
A. Implement NAC
Which of the following password policies defines the types of alphanumeric characters required to be utilized in a user’s password?
A. Password History
B. Password Length
C. Password complexity
D. Password Expiration
C. Password complexity
Which authentication mechanism does 802.1x usually rely upon?
A. EAP
B. TOTP
C. RSA
D. HOTP
A. EAP
Review the network diagram provided. Which of the following ACL entries should be added to the firewall to allow only the system administrator’s computer (IT) to have SSH access to the FTP, Email, and Web servers in the DMZ?
(Note: The firewall in this network is using implicit deny to maintain a higher level of security. ACL entries are in the format of Source IP, Destination IP, Port Number, TCP/UDP, Allow/Deny.)
A. 192.168.0.0/24, 172.16.1.4, TCP, ALLOW
B. 172.16.1.4, 192.168.0.0/24, 22, TCP, ALLOW
C. 172.16.1.4, 192.168.0.0/24, ANY, TCP, ALLOW
D. 192.168.0.0/24, 172.16.1.4, ANY, TCP, ALLOW
B. 172.16.1.4, 192.168.0.0/24, 22, TCP, ALLOW
OBJ-3.3: The ACL should be created with 172.16.1.3 as the Source IP, 192.168.1.12 as the Destination IP, 445 as the port number operating over TCP, and the ALLOW condition set. This is the most restrictive option presented (only the HR and Files server are used), and the minimal number of ports are opened to accomplish our goal (only port 445 for the SMB service).
Which of the following types of remote access technologies should NOT be used in a network due to its lack of security?
A. RDP
B. Telnet
C. VPN
D. SSH
B. Telnet
You have been asked to provide some training to Dion Training’s system administrators about the importance of proper patching of a system before deployment. To demonstrate the effects of deploying a new system without patching it first, you ask the system administrators to provide you with an image of a brand-new server they plan to deploy. How should you deploy the image to demonstrate the vulnerabilities exposed while maintaining the security of the corporate network?
A. Deploy the image
B. Utilize a sever
C. Deploy the system image
D. Deploy the vulnerable image
C. Deploy the system image
DeepScan supports data-flow analysis and understands the execution flow of a program. It allows you to see possible security flaws without executing the code. Which of the following types of tools would DeepScan be classified as?
A. Decompiler
B. Fuzzer
C. Fault Injector
D. Static Code Analyzer
D. Static Code Analyzer
A supplier needs to connect several laptops to an organization’s network as part of their service agreement. These laptops will be operated and maintained by the supplier. Victor, a cybersecurity analyst for the organization, is concerned that these laptops could contain some vulnerabilities that could weaken the network’s security posture. What can Victor do to mitigate the risk to other devices on the network without having direct administrative access to the supplier’s laptops?
A. require 2 factor verification on laptop
B. Implement a jumpbox
C. Scan the laptop vulnerabilities and patches
D. increase the encryption of VPN
B. Implement a jumpbox
Riaan’s company runs critical web applications. During a vulnerability scan, Riaan found a serious SQL injection vulnerability in one of their web applications. The system cannot be taken offline to remediate the vulnerability. Which of the following compensating controls should Riaan recommend using until the system can be remediated?
A. Vulnerabilty Scanning
B. IPS
C. WAF
D. Encryption
C. WAF
Which type of monitoring would utilize a network tap?
A. SNMP
B. Router Based
C. Active
D. Passive
D. Passive
(Sample Simulation – On the real exam for this type of question, you would have to fill in the blanks by dragging and dropping them into place.) Using the image provided, select four security features that you should use with a workstation or laptop within your organization?
A. CAT5e STP, Location Tracking, Host Based firewall, Remote Wipe
B. Host Based firewall, Network Sniffer, Cable Lock, CAT5e STP
C. Cable Lock, Network Sniffer, Host Based firewall, Remote wipe
D. Remote Wipe, Location Tracking, Host Based firewall, CableLock
B. Host Based firewall, Network Sniffer, Cable Lock, CAT5e STP
OBJ-3.5: Host-based firewall, Network sniffer, a Cable lock, and CAT5e STP cables are appropriate security features to use with a corporate workstation or laptop. Using a host-based firewall (such as Windows Firewall), you can configure the workstation or laptop to block incoming or outgoing data from the device’s network connection. If you install a network sniffer, you will be able to capture any network traffic used on the network for later analysis. If you use a cable lock, it will lock the workstation or laptop to a desk and prevent theft of the device. If you use a CAT 5e STP cable for your network connection, you will minimize EMI risk and reduce data emanations.
Which of the following secure coding best practices ensures special characters like <, >, /, and ‘ are not accepted from the user via a web form?
A. Output code
B. Error Handling
C. Session Management
D. Input validation
D. Input validation
Which of the following is the MOST secure wireless security and encryption protocol?
A. WPA
B. WEP
C. WPA2
D. WPA3
D. WPA3
You have been asked to install a computer in a public workspace. Only an authorized user should use the computer. Which of the following security requirements should you implement to prevent unauthorized users from accessing the network with this computer?
A. Disable Single Sign On
B. Require authentication on wake up
C. Issue the same strong and complex passwords to all users
D. Remove the Guest account form admin group
B. Require authentication on wake up
You are installing a new wireless network in your office building and want to ensure it is secure. Which of the following configurations would create the MOST secure wireless network?
A. WEP & TKIP
B. WPA2 & RC4
C. WPA2 & AES
D. WPA & WPA#
C. WPA2 & AES
Which security control would prevent unauthorized users from connecting to a company’s wireless network?
A. NAC
B. Segmentation
C. IPS
D. Firewalls
A. NAC
(Sample Simulation – On the real exam for this type of question, you would have to fill in the blanks by dragging and dropping them into place.) Using the image provided, select four security features that you should use with a smartphone provided through a COPE policy in your organization?
A. Remote Wipe, Location Tracking, Host Based Firewall, Cable Lock
B. Cellular data, Remote Wipe, Location Tracking, MDM
C. MDM, Location Tracking, Host Based Firewall, Remote Wipe
D. Cable Lock, Network Sniffer, Cellular data, Remote Wipe
B. Cellular data, Remote Wipe, Location Tracking, MDM
OBJ-3.5: Cellular data, Remote wipe, Location tracking, and MDM are all appropriate security features to use with a company-provided laptop. By using cellular data, your users will be able to avoid connecting to WiFi networks for connectivity. Remote wipe enables the organization to remotely erase the device’s contents if it is lost or stolen. Location tracking uses the smart phone’s GPS coordinates for certain apps, location-based authentication, and to track down a device if it is lost or stolen. Mobile device management (MDM) programs enable the administrators to remotely push software updates, security policies, and other security features to the device from a centralized server.
Marta’s organization is concerned with the vulnerability of a user’s account being vulnerable for an extended period of time if their password was compromised. Which of the following controls should be configured as part of their password policy to minimize this vulnerability?
A. Password History
B. Password Expiration
C. Minimum Password Length
D. Password Complexity
B. Password Expiration
A web developer wants to protect their new web application from an on-path attack. Which of the following controls would best prevent an attacker from stealing tokens stored in cookies?
A. Hashing the Cookie Value
B. Forcing the use of TLS for the Web Application
C. Forcing the use of SSL for the Web Application
D. Setting the secure attribute on the cookie
D. Setting the secure attribute on the cookie
Your company has created a baseline image for all of its workstations using Windows 10. Unfortunately, the image included a copy of Solitaire, and the CIO has created a policy to prevent anyone from playing the game on the company’s computers. You have been asked to create a technical control to enforce the policy (administrative control) that was recently published. What should you implement?
A. Disable Removable Media
B. Application Allow List
C. Application Hardening
D. Application Block list
D. Application Block list
What technology is NOT PKI x.509 compliant and cannot be used in various secure functions?
A. SSL/TLS
B. Blowfish
C AES
D. WPA2
B. Blowfish
During a penetration test of your company’s network, the assessor came across a spreadsheet with the passwords being used for several servers. Four of the passwords recovered are listed below. Which one is the weakest password and should be changed FIRST to increase the password’s complexity?
A. P@$$WORD
B. pa55word
C. Pa55w0rd
D. P@$$w0rd
B. pa55word
Dion Training wants to reduce the management and administrative costs of using multiple digital certificates for all of their subdomains of diontraining.com. Which of the following solutions would allow the company to use one digital certificate for all of its subdomains?
A. Key Escrow
B. OCSP
C. Wildcards
D. CRL
C. Wildcards
You want to provide controlled remote access to the remote administration interfaces of multiple servers hosted on a private cloud. What type of segmentation security solution is the best choice for this scenario?
A. Airgap
B. Bastion Hos
C. Physical
D. Jumpbox
D. Jumpbox
A small company that does not have security staff wants to improve its security posture.
Which of the following would BEST assist the company?
A. MSSP
B. Security Guard
C. SOAR
D. MTRR
E. Firewall
SOAR(Security, Orchestration, Automation and Response)
