Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Security + exam > Practice Question 73-84 > Flashcards

Practice Question 73-84 Flashcards

1
Q

An administrator recently learned of a suspected attack on a Florida-based web server from IP address 72.52.206.134 at 01:45:43 GMT However, after investigating the logs, he doesn’t see any traffic from that IP at that time. Which id the MOST likely reason why the administrators was unable identify the traffic?
A. He did not account for time offsets
B. He did not capture an image
C. The IP address has expired
D. The logs were erased when the system was rebooted

A

The most likely reason is that he did not account for the time offset. The attack occurred on GMT and the web servers in EST which is a five hours different from GMT.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Social engineers have launched several successful phone-based attacks against your organization resulting in several data leaks. Which would be MOST effective at reducing the success of these attacks?
A. Implement a BYOD policy
B. Update the AUP
C. Provide training on data handling
D. Implement a program to increase security awareness

A

Implementing a program to increase security awareness, it could focus on social engineering attacks

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q 
Management has implemented a policy starting that messages sent between upper level executives must arrive without any changes. The IT department is tasked with implementing technical controls to meet this need. Which security goal does this policy address?
A. Confidentiality 
B. Integrity
C. Availability 
D. Authentication
A

Integrity provides assurance that data has not been modified and integrity is commonly enforced with hashing.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q 
Your organization recently implemented two servers that act as failover devices for each other. Which security goal is your goal pursuing?
A. Obfuscation
B. Integrity 
C. Confidentiality 
D. Availability
A

Failover devices increases availability. A failover cluster uses redundant servers to ensure a service will continue to operate even if one of the servers fail.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

You are tasked with improving the overall security for a database server. Which is a preventive control that will assist with this goal?
A. Disabling unnecessary services
B. Identifying the initial baseline configuration
C. Monitoring logs for trends
D. Implementing a backup and restore plan

A

Disabling unnecessary services is one of the several steps that you can take to Harden a server, it is a preventive control to operate because it helps prevent an incident.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q 
An IT department recently had its hardware locks budget reduced, but the organization still expects them to maintain availability of services. Which choice would be BEST help them with maintain availability with a reduced budget?
A. Fallover cluster
B. Virtualization
C. Bollards
D. Hashing
A

Virtualization provides increased availability because it is much easier to rebuild a virtual server than a physical server after a failure, it supports a reduced budget because virtual servers require less hardware, space in data center, less power and less heating and AC.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q 
You want to test new security controls before deploying them. Which technologies provides the MOST flexibility to meet this goal?
A. Baselines 
B. Hardening techniques 
C. Virtualization 
D. Patch management programs
A

Virtualization provides a high degree of flexibility when testing security controls because tester can easily rebuild virtual systems or revert them using a snapshot

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q 
You suspect that traffic in your network is being rerouted to an unauthorized router within your network. Which command-line tools would help you narrow down the problem?
A. ping
B. traceart 
C. ifconfig 
D. net stat
A

Traceart tracks packet flow through a network and if an extra router has been added to your network, traceart will identify it.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q 
The First Bank of Springfield has been experiencing widespread fraud recently. Attacker are transferring funds out of customers accounts to other banks. The bank began requiring customers to obtain credentials in person at the bank . However, this hasn't reduced the number of fraudulent transactions. After reviewing available logs, investigators determined that these fraudulent transactions are conducted with the customer's actual credentials. Which security controls should be strengthened to reduce these incidents?
A.Authentication 
B. Identification
C. Accounting
D. Authorization
A

Authentication should be increased by forcing users to use stronger passwords.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q 
An outside security auditor recently completed an in-depth security audit on your network. One of the issues he reported was related to to passwords. Specifically, he found the following passwords used on the network , 1@W2 and G7bT3. Which should be changed to avoid the problem shown with these passwords?
A. Password complexity 
B. Password length 
C. Password history 
D. Password reuse
A

The password policy should be be changed to increase the minimum password length of passwords.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly

Security + exam (14 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions