Practice Qs SEC+ Flashcards

1
Q

Which of the following describes the difference between a worm and a virus?

  • Worms are self-replicating.
  • Viruses are self-replicating.
  • Worms are often malicious.
  • Viruses are often malicious.
A

Worms are self-replicating.

2
Q

Which one of the following is not an example of a denial-of-service attack?

  • Gargomel
  • Smurf
  • Teardrop
  • Fraggle
A

Gargomel

3
Q

Which one of the following is not a type of phishing attack?

  • Spear phishing
  • Whaling
  • Wishing
  • Smishing
A

Wishing

4
Q

At your place of employment, you are rushing to the door with your arms full of bags. As you approach, the woman before you scans her badge to gain entrance while holding the door for you, but not without asking to see your badge. What did she just prevent?

  • Phishing
  • Tailgating
  • Whaling
  • Door diving
A

Tailgating

5
Q

Which of the following is an effective way to get information in crowded places such as airports, conventions, or supermarkets?

  • Shoulder surfing
  • Phishing
  • Vishing
  • Reverse social engineering
A

Shoulder surfing

6
Q

Which one of the following is designed to execute malicious actions when a certain event occurs or a specific time period elapses?

Logic bomb
Spyware
Botnet
DDoS

A

Logic bomb

7
Q

Which one of the following best describes a polymorphic virus?

A virus that attacks the boot sector and then attacks the system files
A virus that infects EXE files
A virus that changes its form each time it is executed
A virus inserted into a Microsoft Office document such as Word or Excel

A

A virus that changes its form each time it is executed.

8
Q

You discover you are unable to access files on your computer. A message appears asking for payment to allow for the recovery of your files. Which of the following is most likely?

Your files have been moved to a remote server.
Your files have been copied.
Your files have been deleted.
Your files have been encrypted.

A

Your files have been encrypted.

9
Q

Which of the following types of attacks can result from the length of variables not being properly checked in the code of a program?

Buffer overflow
Denial of service
Replay
Spoofing

A

Buffer overflow

10
Q

Which one of the following is a best practice to prevent code injection attacks?

Implementing the latest security patches
Session cookies
Using unbound variables
Input validation

A

Input validation

11
Q

You are the security administrator for a bank. The users are complaining about the network being slow. It is not a particularly busy time of the day, however. You capture network packets and discover that hundreds of ICMP packets have been sent to the host. What type of attack is likely being executed against your network?

Spoofing
Man-in-the-middle attack
Denial-of-service attack
Password attack

A

Denial-of-service attack

12
Q

An initialization vector should be which of the following?

Unique and unpredictable
Repeatable and random
Repeatable and unique
Unique and predictable

A

Unique and unpredictable

13
Q

How do relationship and capability pertain to understanding specific threat actors?

They are characteristics associated with building a threat profile.
They describe attributes that apply equally to all threats.
They are the two most important attributes when analyzing threat actors.
They indicate the likelihood of vulnerabilities being discovered.

A

They are characteristics associated with building a threat profile.

14
Q

With which of the following is a “low and slow” attack most associated?

OSINT
Ransomware
Script kiddies
APT

A

APT

15
Q

After conducting a vulnerability assessment, which of the following is the best action to perform?

Disable all vulnerable systems until mitigating controls can be implemented
Contact the network team to shut down all identified open ports
Organize and document the results based on severity
Immediately conduct a penetration test against identified vulnerabilities

A

Organize and document the results based on severity

16
Q

You are conducting a penetration test on a software application for a client. The client provides you with details around some of the source code and development process. What type of test will you likely be conducting?

Both Black and White box
Vulnerability
White box
Black box

A

White box

17
Q

Which of the following is a reason to conduct a penetration test?

To test the adequacy of security measures put in place
To passively test security controls
To steal data for malicious purposes
To identify the vulnerabilities

A

To test the adequacy of security measures put in place

18
Q

Which one of the following best describes a penetration test?

A passive evaluation and analysis of operational weaknesses using tools and techniques that a malicious source might use
A technique used to identify hosts and their associated vulnerabilities
The monitoring of network communications and examination of header and payload data
An evaluation mimicking real-world attacks to identify ways to circumvent security

A

An evaluation mimicking real-world attacks to identify ways to circumvent security

19
Q

Which one of the following best describes the four primary phases of a penetration test?

Planning, discovery, attack, reporting
Exploit, escalation, pivot, persistence
Discovery, attack, pivot, reporting
Planning, exploit, attack, persistence

A

Planning, discovery, attack, reporting

20
Q

Your team is tasked with conducting a vulnerability assessment and reports back with a high number of false positives. Which of the following might you recommend to reduce the number of false positives?

Have the team run a vulnerability scan using noncredentialed access
Have the team run a vulnerability scan using credentialed access
Have the team run a port scan across all ports
Have the team run a port scan across all common ports

A

Have the team run a vulnerability scan using credentialed access

21
Q

Which of the following are potential impacts of a race condition?

System malfunction
Denial of service
All answers are correct
Escalated privileges

A

All answers are correct

22
Q

Which one of the following is the term given to a fraudulent wireless access point that is configured to lure connections to it?

NFC
ARP replay attack
Bluejacking
Evil twin

A

Evil twin

23
Q

A small IT consulting firm has installed new wireless routers across all your small regional offices. Within days, you learn that you are unable to access the administrative interfaces of these routers due to an incorrect password. Which one of the following is most likely the reason?

The wireless routers are not powered on.
The wireless routers have been placed on end-of-life by the manufacturer and are no longer supported for remote login.
The wireless routers have been designed to allow improper input handling, resulting in failed password input.
The wireless routers were set up with the default configuration, which included a default password that was never changed.

A

The wireless routers were set up with the default configuration, which included a default password that was never changed.

24
Q

You identify a system that becomes progressively slower over a couple days until it is unresponsive. Which of the following is most likely the reason for this behavior?

Improper error handling
Untrained user
Race condition
Memory leak

A

Memory leak

25
Q

Which of the following is a use for a VPN concentrator?

Load balancing
Internet connectivity
Intrusion detection
Remote access

A

Remote access

26
Q

If the organization requires a firewall feature that controls network activity associated with DoS attacks, which of the following safeguards should be implemented?

Loop protection
Flood guard
Implicit deny
Port security

A

Flood guard

27
Q

Wired traffic must be encrypted because there is concern about protecting the security of login and password information for internal high-level users. Which technology should you implement?

NAT
VPN
VLAN
DMZ

A

VPN

28
Q

Which of the following are uses for proxy servers? (Choose all correct answers.)

Internet connectivity
Intrusion detection
Web content caching
Load balancing

A

Internet connectivity
Web content caching
Load balancing

29
Q

If the organization requires a switch feature that makes additional checks in Layer 2 networks to prevent STP issues, which of the following safeguards should be implemented?

Flood guard
Implicit deny
Port security
Loop protection

A

Loop protection

30
Q

You are setting remote access for users and want to be sure a secure channel is used. Which technology should you implement?

NAT
VLAN
DMZ
VPN

A

VPN

31
Q

Which of the following uses a secure cryptoprocessor that accelerates cryptographic processes and provides strong access authentication for critical application encryption keys?

Full disk encryption
Hardware security module
Public key infrastructure
File-level encryption

A

Hardware security module (HSM)

32
Q

You have recently had problems with clients in one particular area of the network not being able to connect to a server. Which of the following tools should you use to begin troubleshooting?

Ping
Nslookup
Netstat
Telnet

A

Ping

33
Q

You have been tasked with testing the strength of user passwords. Which of the following tools is the best choice to help accomplish this task?

Nmap
Brutus
OpenPuff
Metasploit

A

Brutus

34
Q

Which of the following is used for penetration testing and risk assessments?

Banner grabbing
Configuration compliance scanner
Honeypot
Exploitation framework

A

Exploitation framework

35
Q

Which of the following is used to help troubleshoot network issues by gathering packet-level information across the network?

Data sanitation tools
Protocol analyzer
Vulnerability scanner
Port scanner

A

Protocol analyzer

36
Q

You have recently had problems with clients not being able to resolve domain names correctly. Which of the following tools should you use?

Nslookup
Netstat
Ifconfig
Ping

A

Nslookup

37
Q

It has been reported that some weak user passwords from your organization have shown up on the Internet. Which of the following tools would provide information to confirm or deny this allegation?

Camouflage
Tcpdump
Cain and Abel
SolarWinds

A

Cain and Abel

38
Q

Which of the following is used to identify the level of aggressive attention directed at a network and to study and learn from an attacker’s common methods of attack?

Vulnerability scanner
Configuration compliance scanner
Banner grabbing
Honeypot

A

Honeypot

39
Q

You are required to check user permissions for the finance group that includes specific registry keys. Which of the following should you choose?

Content filter
Audit user permissions
DNS
HTTPS

A

Audit user permissions

40
Q

Which of the following is associated with certificate issues?

Release of private or confidential information
Prevention of legitimate content
Algorithm mismatch error
Unauthorized transfer of data

A

Algorithm mismatch error

41
Q

You are required to implement a solution to identify baseline deviations for varying workloads across different days. Which of the following should you choose?

Alarms
Static baselining
Alerts
Dynamic baselining

A

Dynamic baselining

42
Q

Recently, some employees have fallen victim to social engineering. Which of the following is the best way to manage this personnel issue?

Awareness training
Termination
A new policy
Written warning

A

Awareness training

43
Q

It has been reported that some clear-text passwords are being transmitted within your organization. Which of the following can mitigate this situation?

Auditing of user permissions
DNS
Content filtering
HTTPS

A

HTTPS

44
Q

Which of the following best describes data exfiltration?

Algorithm mismatch error
Prevention of legitimate content
Release of private or confidential information
Unauthorized transfer of data

A

Unauthorized transfer of data

45
Q

An organization is looking to add a layer of security by implementing a solution that protects hosts against known and unknown malicious attacks from the network layer up through the application layer. Which of the following fulfills this requirement?

Whitelisting
Encryption
DLP
HIPS

A

HIPS

46
Q

Which of the following types of antivirus scanning looks for instructions or commands that are not typically found in application programs?

Pattern matching
Heuristic
Static
Manual

A

Heuristic

47
Q

Which of the following is useful in preventing users and attackers from executing unauthorized applications but does not prevent malicious code from executing?

Application whitelisting
Patch management
DLP
Malware inspection filter

A

Application whitelisting

48
Q

An organization is looking to add a layer of security by maintaining strict control over the devices employees are approved to use. Which of the following fulfills this requirement?

HIPS
Encryption
DLP
Whitelisting

A

DLP

49
Q

Advanced malware tools use which of the following analysis methods?

Context based
Static analysis
Manual analysis
Signature analysis

A

Context based

50
Q

A Windows system is software DEP-enabled. An attacker runs an exploit that injects code into a program, and the program uses known memory space. What will the result be?

The malware code will run because it was injected into a known process.
The machine will automatically blue-screen and shut down.
The malware will be blocked from running the injected code.
The code will run with limited functionality.

A

The malware will be blocked from running the injected code.

51
Q

Which of the following enables decentralized authentication through trusted agents?

Transitive trusts
Key management
Credential management
Data ownership

A

Transitive trusts

52
Q

An organization wants to be sure that certain application data is protected. Which of the following fulfills this requirement?

Lockout
Blacklisting
Whitelisting
Encryption

A

Encryption

53
Q

An organization is looking for a mobile solution that will allow data to be deleted if a device is lost or stolen. Which of the following fulfills this requirement?

Passcode policy
Remote wipe
Voice encryption
GPS tracking

A

Remote wipe

54
Q

Which of the following are used as a most basic form of security in handheld devices? (Choose two correct answers.)

Passcode
Encryption
PIN
Fingerprint biometrics

A

PIN

Passcode

55
Q

Which of the following is included in a BYOD, CYOD, or COPE policy?

Data ownership
Transitive trusts
Credential management
Key management

A

Data ownership

56
Q

An organization is looking to add a layer of security and maintain strict control over the apps employees are approved to use. Which of the following fulfills this requirement?

Encryption
Lockout
Whitelisting
Blacklisting

A

Whitelisting

57
Q

Which of the following is necessary to implement an effective BYOD, CYOD, or COPE program? (Choose two correct answers.)

Infrastructure considerations
Legal considerations
Storage limitations
Key management

A

Infrastructure considerations

Legal considerations

58
Q

Which standard port is used to establish an FTP connection?

21
443
80
8250

A

21

59
Q

Which of the following is a protocol that incorporates enhanced security features for VoIP (Voice over IP) or video network communications?

HTTPS
LDAPS
NTP
SRTP

A

SRTP

60
Q

Which of the following should be used to establish a session between client and host computers using an authenticated and encrypted connection?

SSH
SFTP
SNMP
S/MIME

A

SSH

61
Q

Which of the following is a use case for subnetting?

Reduced risks during data exchanges
Subscription services
Host arrangement into the different logical groups that isolate each subnet
Regulatory mandates that require accurate time stamping

A

Host arrangement into the different logical groups that isolate each subnet

62
Q

Which standard port is used to establish a web connection using the 40-bit RC4 encryption protocol?

21
443
80
8250

A

443

63
Q

Which of the following protocols is used to secure email?

SNMP
SFTP
S/MIME
SSH

A

S/MIME

64
Q

Which of the following is a use case for subscription services?

Network automation and data analytics
Regulatory mandates that require accurate time stamping
Arrangement of hosts into the different logical groups that isolate each subnet
Reduced risks during data exchanges

A

Network automation and data analytics

65
Q

Using a combination of firewalls, intrusion detection systems, content filters, encryption, and auditing procedures in the organization for protection against intrusions is an example of which of the following?

Layered security
Defense in depth
Infrastructure as a Service
Community cloud

A

Layered security

66
Q

Which of the following types of control is a surveillance system?

Technical control
Physical control
Management control
Logical control

A

Physical control

67
Q

Which of the following are the most compelling reasons that secure configuration baselines have been established? (Select all correct answers.)

Regulatory bodies
Organizational requests
Governmental mandates
Industry standards

A

Regulatory bodies
Governmental mandates
Industry standards

68
Q

Which of the following devices is used to accept encrypted connections from users and then send the connection to the server unencrypted?

DMZ
SSL accelerator
VPN
DDoS mitigation appliance

A

SSL accelerator

69
Q

You are setting up a switched network and want to group users by department. Which technology should you implement?

VPN
NAT
DMZ
VLAN

A

VLAN

70
Q

You are setting up a web server that both the internal employees and external customers need to access. What type of architecture should you implement?

VLAN
DMZ
VPN
NAT

A

DMZ

71
Q

An organization has a sensitive network that needs to have physically isolated machines. Which of the following practices would be used to meet this requirement?

Air gap
Honeynet
VLAN
RAS

A

Air gap

72
Q

An organization is experiencing a large amount of electromagnetic interference (EMI). Which of the following is the best method to provide continuous operations?

A generator
A RAID configuration
A redundant electric connection
Extra shielding

A

Extra shielding

73
Q

Which of the following best describes the result of adding an email address to the blocked list?

It is considered part of the whitelist.
It is considered part of the graylist.
It is considered part of the blacklist.
It is considered part of the brownlist.

A

It is considered part of the blacklist.

74
Q

Which of the following can result in the exploitation of a BIOS vulnerability? (Select all correct answers.)

Hard drive failure occurs
System cannot boot
System locks up
Denial of service occurs

A

System cannot boot

Denial of service occurs

75
Q

Which of the following uses a secure cryptoprocessor to authenticate hardware devices such as a PC or laptop?

Public key infrastructure
File-level encryption
Full disk encryption
Trusted platform module

A

Trusted platform module

76
Q

Which of the following provides a sandboxed environment that can be used to investigate unsafe executables?

Network storage
Virtualization
Application baselining
Host software baselining

A

Virtualization

77
Q

Which of the following is considered good practice for separation of development and test environments? (Select two correct answers.)

Different physical locations
VLAN
VPN
Firewall

A

VLAN

Firewall

78
Q

In which of the following are attestation challenges from computed hashes of system or application information used to obtain confidence in the trustworthiness and identity of a platform or software?

Sandboxing
Application baselines
Staging environments
Integrity measurement

A

Integrity measurement

79
Q

A vulnerability assessment has revealed that legacy internal heart monitors of a hospital’s intensive care unit (ICU) are visibly exposed to the Internet. Which of the following should be implemented?

Network segmentation
Manual updates
Code wrappers
Control diversity

A

Network segmentation

80
Q

Which of the following operating systems is run in a SoC environment?

Red Hat Enterprise Linux (RHEL)
RTOS
CAN bus
Windows Server 2016

A

RTOS

81
Q

Which of the following is most likely to use network segmentation as a security method?

Mainframes
Gaming consoles
Android devices
SCADA systems

A

SCADA systems

82
Q

In which of the following phases should code security first be implemented?

Testing
Review
Design
Implementation

A

Design

83
Q

Buffer overflows, format string vulnerabilities, and utilization of shell escape codes can be mitigated by using which of the following practices to test an application?

Testing
Fuzzing
Browser-initiated token request
Input validation

A

Input validation

84
Q

The organization is building a new application and is more interested in being able to use a rigorous methodical process to verify each phase along the way than it is in selecting a fast delivery method. Which of the following should the organization choose?

Waterfall
Agile
Continuous integration
IaC

A

Waterfall

85
Q

An organization is interested in using a vendor SaaS application but is concerned about the lack of cloud security. What type of cloud architecture is the most appropriate?

Community
Public
Private
Hybrid

A

Hybrid

86
Q

Which of the following methods of cloud computing allows the client to literally outsource everything that would normally be in a typical IT department?

SaaS
IaaS
PaaS
DaaS

A

IaaS

87
Q

An organization wants to use a service provider to implement processes for the organization such as identity and access management (IAM) and encryption. Which of the following should the organization choose?

SaaS
IaaS
SecaaS
DRaaS

A

SecaaS

88
Q

An organization that operates a small web-based photo backup business is evaluating single points of failure. The organization has three servers, four switches, and 100 client systems. Which of the following is the most likely component(s) to be the single point of failure?

Switches
Client systems
Servers
ISP connection

A

ISP connection

89
Q

An organization is implementing a data availability solution based on a striped disk array without redundancy. Which of the following best describes this implementation?

RAID 1
RAID 0
RAID 5
RAID 10

A

RAID 0

90
Q

Because of seasonal business fluctuations, an organization uses cloud environments to purchase resources for a short period of time based on demand. Which of the following terms best describes this principle?

Elasticity
Snapshots
Scalability
Server redundancy

A

Elasticity

91
Q

Which type of fire extinguisher is best for putting out burning wires?

Sodium chloride
Water
Carbon dioxide
Copper powder

A

Carbon dioxide

92
Q

What is the plenum?

A type of dry-pipe fire control system
A mesh enclosure designed to block EMI
A mechanism for thermal management
A mechanism for controlling condensation

A

A mechanism for thermal management

93
Q

The ASHRAE recommends humidity levels in which range?

40%–55%
70%–85%
25%–40%
55%–70%

A

40%–55%

94
Q

An organization that has several small branches in North Dakota, Minnesota, and Ontario, Canada, is planning for a fire-suppression system installation. Which of the following best fits the needs of the organization?

Dry pipe
Deluge
Wet pipe
Preaction

A

Dry pipe

95
Q

If you have a smart card that contains details of your iris coloring and retinal patterns, which two types of authentication would be involved in a successful access request?

Something you have and something you do
Something you have and something you are
Something you are and something you know
Something you do and something you are

A

Something you have and something you are

96
Q

Which of the following best describes the Policy Enforcement Point (PEP) component of AAA functions?

Data holder
Authenticator
Final decision maker
Auditor

A

Authenticator

97
Q

If an organization wants to implement an enterprise access solution that does not require a user to remember passwords across multiple distinct business units, which of the following is the best choice?

Federation
Single sign-on
Transitive trusts
Retinal scanning

A

Federation

98
Q

Which of the following processes occurs when the user provides appropriate credentials such as the correct password and a username?

Accounting
Authorization
Authentication
Identification

A

Authentication

99
Q

Which of the following best describes the Policy Decision Point (PDP) component of AAA functions?

Auditor
Authenticator
Data holder
Final decision maker

A

Final decision maker

100
Q

Which of the following processes occurs first when a user or device presents information such as a username, a process ID, a smart card, or another unique identifier?

Accounting
Authentication
Authorization
Identification

A

Identification

101
Q

An organization that relies heavily on cloud and SaaS service providers, such as Salesforce.com, WebEx, or Google, would have security concerns about which of the following?

TACACS+
OpenID Connect
SAML
LDAP

A

SAML

102
Q

An educational institution requires a secure solution that is capable of interfacing with state systems and other state-run universities. Which of the following is the best solution?

Shibboleth
OAuth
OpenID Connect
SAML

A

Shibboleth

103
Q

An organization is implementing a server-side application using OAuth 2.0. Which of the following grant types should be used?

Authorization code
Implicit
Password credentials
Client credentials

A

Authorization code

104
Q

Which of the following is used with OAuth 2.0 as an extension to the authorization process?

LDAP
NTLM
Shibboleth
OpenID Connect

A

OpenID Connect

105
Q

An organization is implementing an application that needs service access to its own resources using OAuth 2.0. Which of the following grant types should be used?

Authorization code
Client credentials
Implicit
Password credentials

A

Client credentials

106
Q

Which of the following is a nonproprietary protocol that provides authentication and authorization in addition to accounting of access requests against a centralized service for the authorization of access requests?

SAML
OAuth
TACACS+
LDAP

A

TACACS+

107
Q

Which type of “something you have” factor do U.S. federal governmental employees and contractors use under HSPD 12?

SecurID
Smart card
PIV
CAC

A

PIV

108
Q

Which of the following token-based solutions is considered the most secure?

OATH
OTP
TOTP
HOTP

A

TOTP

109
Q

Which of the following is the best way to secure NoSQL databases such as MongoDB?

Use the default port
Bind the interface to multiple IPs
Implement separate authentication methods
Encrypt the data after it is written to the database

A

Implement separate authentication methods

110
Q

Which of the following best describes a biometric false acceptance rate (FAR)?

The point at which acceptances and rejections are equal
Failure to identify a biometric image
Access allowed to an unauthorized user
Rejection of an authorized user

A

Access allowed to an unauthorized user

111
Q

Which of the following best describes a biometric false rejection rate (FRR)?

Access allowed to an unauthorized user
The point at which acceptances and rejections are equal
Rejection of an authorized user
Failure to identify a biometric image

A

Rejection of an authorized user

112
Q

Which directory services protocol should be implemented to protect against man-in-the-middle data interception attacks?

Shibboleth
Kerberos
LDAP
NTLM

A

Kerberos

113
Q

Which of the following is a type of “something you have” that uses a time-shifting key token?

SecurID
CAC
PIV
Smart card

A

SecurID

114
Q

Which type of password policy protects against reuse of the same password?

Expiration
Password complexity
Password history
Account lockout

A

Password history

115
Q

A user calls the help desk saying that she changed her password yesterday. She did not get any email on her mobile phone last night and she cannot log on this morning. Which password policy is most likely at fault for her difficulties?

Expiration
Account lockout
Password history
Password complexity

A

Account lockout

116
Q

Which of the following reduces the effectiveness of a good password policy?

Password recovery
Account lockout
Password reuse
Account disablement

A

Password reuse

117
Q

Which of the following is considered best practice when formulating minimum standards for developing password policies?

Account lockout threshold set to 0
Password length set to six characters
Maximum password age set to 0
Required password change at 90 days

A

Required password change at 90 days

118
Q

Which of the following is one of the first steps that must be taken to provide a secure account access environment?

Implement user access reviews
Initiate continuous account monitoring
Eliminate the use of shared accounts
Set user-assigned privileges

A

Eliminate the use of shared accounts

119
Q

Which of the following is used to create a user identity profile and get the necessary information required to describe the identity?

Least privilege
Onboarding
Recertification
Offboarding

A

Onboarding

120
Q

Which of the following policies ensures that other employees are able to perform each employee's job, so that corruption does not go unnoticed, and also helps minimize the impact when personnel leave their jobs?

Least privilege
Acceptable use
Privacy policy
Mandatory vacations

A

Mandatory vacations

121
Q

An organization is partnering with another organization that requires shared systems. Which of the following documents outlines how the shared systems will interface?

ISA
SLA
MOU
BPA

A

ISA

122
Q

Which of the following are steps an organization can take to be sure compliance and performance standards are met in third-party or partner agreements? (Select two correct answers.)

Review third-party arrangements and performance annually
Implement an acceptable use policy
Sign a data ownership agreement
Take appropriate action if the relationship presents elevated risk

A

Review third-party arrangements and performance annually

Take appropriate action if the relationship presents elevated risk

123
Q

Which of the following requires users to remove sensitive and confidential materials from workspaces and lock items that are not in use when they leave their workstations?

Clean desk policy
Tailgating training
Data handling policy
Phishing attack training

A

Clean desk policy

124
Q

Which of the following designates the amount of data loss that is sustainable and up to what point in time data recovery could happen before business is disrupted?

RTO
MTTF
RPO
MTBF

A

RPO

125
Q

Eliminating email to avoid the risk of email-borne viruses is an effective solution but is not likely to be a realistic approach for which of the following?

Risk acceptance
Risk transference
Risk mitigation
Risk avoidance

A

Risk avoidance

126
Q

Which of the following parties typically are notified first when a confirmed incident has occurred? (Select two correct answers.)

Press
CISO
End users
Legal

A

CISO

Legal

127
Q

In which of the following types of analysis might an examiner have difficulty proving that the evidence is original?

Log files
Big data
Disk-to-disk image
Disk-to-image file

A

Big data

128
Q

Which of the following should be collected when gathering volatile data? (Select all correct answers.)

System date and time
Full disk image
Current open ports and applications listening on those ports
Current network connections

A

System date and time
Current open ports and applications listening on those ports
Current network connections

129
Q

Which of the following provides a clear record of the path evidence takes from acquisition to disposal?

Witness statements
Video capture
Chain of custody
Hashes

A

Chain of custody

130
Q

Which recovery site has only power, telecommunications, and networking active all the time?

Shielded site
Hot site
Warm site
Cold site

A

Warm site

131
Q

If an organization takes a full backup every Sunday morning and a daily differential backup each morning, what is the fewest number of backups that must be restored following a disaster on Friday?

5
6
1
2

A

2

132
Q

Which one of the following best provides an example of detective controls versus prevention controls?

IDS/camera versus IPS/guard
IPS versus guard
IPS/camera versus IDS/guard
IDS/IPS versus camera/guard

A

IDS/camera versus IPS/guard

133
Q

Which one of the following federal laws addresses privacy, data protection, and breach notification?

HIPAA
Gramm-Leach-Bliley Act
All answers are correct
Children’s Online Privacy Protection Act

A

All answers are correct

134
Q

Which of the following individual items are examples of PII? (Choose all correct answers.)

Home address
Gender
State of residence
Social security number

A

Home address

Social security number

135
Q

Which of the following is information that is unlikely to result in a high-level financial loss or serious damage to the organization but whose confidentiality should still be protected?

Confidential data
Private data
Public data
Sensitive data

A

Private data

136
Q

Which one of the following best describes diffusion?

A principle that states only secrecy of the key provides security
A key stretching technique in which a password is used as part of a KDF
A principle that if the plain text is changed, no matter how minor, then at least half of the cipher text should change
A principle that the plain-text input should be significantly changed in the resulting cipher text

A

A principle that if the plain text is changed, no matter how minor, then at least half of the cipher text should change

137
Q

Which of the following are elements provided by nonrepudiation? (Choose three correct answers.)

Proof of submission
Proof of concept
Proof of delivery
Proof of origin

A

Proof of submission
Proof of delivery
Proof of origin

138
Q

Which of the following algorithms are examples of a symmetric encryption algorithm? (Choose three correct answers.)

Rijndael
Diffie-Hellman
AES
RC6

A

Rijndael
AES
RC6

139
Q

Which of the following algorithms are examples of an asymmetric encryption algorithm? (Choose two correct answers.)

Elliptic curve
AES
3DES
RSA

A

Elliptic curve

RSA

140
Q

You are tasked with configuring your web server with strong cipher suites. Which of the following should you choose as part of your cipher suite? (Choose three correct answers.)

AES
SHA
RC4
RSA

A

AES
SHA
RSA

141
Q

Which one of the following EAP authentication protocols should you deploy to avoid having to deploy client or server certificates?

PEAP
EAP-TTLS
EAP-TLS
EAP-FAST

A

EAP-FAST

142
Q

Which of the following statements is true when comparing CCMP and TKIP?

TKIP is more resource-intensive than CCMP, but it supports longer keys.
CCMP is less resource-intensive than TKIP, and it supports longer keys.
CCMP is more resource-intensive than TKIP, but it supports longer keys.
TKIP is less resource-intensive than CCMP, and it supports longer keys.

A

CCMP is more resource-intensive than TKIP, but it supports longer keys.

143
Q

To check the validity of a digital certificate, which one of the following is used?

Corporate security policy
Certificate policy
Certificate revocation list
Expired domain names

A

Certificate revocation list

144
Q

Which of the following is not a certificate trust model for arranging Certificate Authorities?

Bridge CA architecture
Sub-CA architecture
Single-CA architecture
Hierarchical CA architecture

A

Sub-CA architecture

145
Q

Which of the following are included within a digital certificate? (Choose all the correct answers.)

User’s public key
Digital signature of the issuing CA
User’s private key
Information about the user

A

User’s public key
Digital signature of the issuing CA
Information about the user

146
Q

Which of the following is not true about the expiration dates of certificates?

Certificates are issued only at 1-year intervals.
Certificates may be issued for 20 years.
Certificates must always have an expiration date.
Certificates may be issued for a week.

A

Certificates are issued only at 1-year intervals.

147
Q

What type of certificate supplies mechanisms to help prevent phishing attacks and provides the highest level of trust?

EV
OV
SAN
DV

A

EV

148
Q

Which one of the following is not true regarding DER-encoded certificates?

They are common to Java platforms.
The .cer and .crt extensions can be used instead of .der.
They include the BEGIN CERTIFICATE header.
They are binary-encoded.

A

They include the BEGIN CERTIFICATE header.

149
Q

Which one of the following mechanisms places the responsibility for handling certificate status requests on the web server instead of the CA?

OCSP pinning
CRL stapling
OCSP stapling
CRL pinning

A

OCSP stapling