Practice Questions 97-108 Flashcards
You are tasked with configuring a switch so that it separates VoIP and data traffic. Which provides the BEST solution? A. NAC B. DMZ C. SRTP D. VLAN
A virtual local area network (VLAN) provides separation for traffic and can be configured to separate Voice over IP (VoIP) traffic and data traffic.
Your organization hosts an e-commerce business that has become quite successful recently. It includes a web farm and a database server within the DMZ. IT management is concerned that there isn't enough staff working around the clock to protect these servers. Which would provide the BEST automated protection for these servers? A. NIDS and HIDS B. NIPS and HIPS C. SIEM and NIPS D. SIEM and NIDS
A network-based intrusion prevention system (NIPS) protects the DMZ, and host-based intrusion prevention systems (HIPS) protect the database server and web servers.
Management is concerned about malicious activity and wants to implement a security control that will detect unusual traffic on the network. Which is the BEST choice to meet this goal? A. Network-based firewall B. Signature-based IDS C. Anomaly-based IDS D. Honeynet
An anomaly-based (behavior-based) intrusion detection system (IDS) compares activity with a previously created baseline to detect any anomalies or unusual traffic on a network.
Of the following choices, what can you use to divert malicious attacks on your network away from valuable data to worthless fabricated data? A. IPS B. Proxy Server C. Web application firewall D. Honeypot
A honeypot can divert malicious attacks to a harmless area of your network, away from production servers holding valid data.
Your organization frequently has guests visiting in various conference rooms throughout the building. These guests need access to the Internet via a wireless network, but should not be able to access internal network resources. Employees need access to both the internal network and the Internet. Which would BEST meet this need? A. NAT B. DMZ C. VPN D. 802.1x
An 802.1x server provides port-based authentication and can authenticate clients.
Management asks you if you can modify the wireless network to prevent users from easily discovering it. Which would you modify to meet this goal? A. CCMP B. WPA2 Enterprise C. SSID broadcast D. MAC address filter
You can disable service set identifier (SSID) broadcasting to prevent users from easily discovering the wireless network.
Marge, a security administrator, is tasked with ensuring that all devices have updated virus definition files before they can access network resources. Which technology would help accomplish this goal? A. NIDS B. NAC C. DLP D. DMZ
Network access control (NAC) inspects clients for health, including having up-to-date virus definition files, and can restrict network access to unhealthy clients to a remediation network.
Your organization is hosting a wireless network with an 802.1x server using PEAP. On Thursday, users report they can no longer access the wireless network, but they could access it on the previous day. Administrators verified the network configuration matches the baseline, there aren't any hardware outages, and the wired network is operational. Which is the MOST likely cause for this problem? A. The RADIUS server certificate expired B. DNS is issuing incorrect host names C. DHCP is issuing duplicate IP addresses D. MAC filtering is enabled
The Remote Authentication Dial-In User Service (RADIUS) server certificate expired. An 802.1x server is implemented as a RADIUS server, and Protected Extensible Authentication Protocol (PEAP) requires a certificate, which is a key clue in the question.
Lisa has created an application on her development computer. She wants to test it on a Linux-based computer she commonly uses for testing. However, she wants to ensure it is isolated when she tests it. Which is the BEST solution to meet her needs? A. Use chroot B. Sideload the application C. Use FDE D. Use chmod
The chroot command isolates the application within a sandbox.
Your organization recently purchased some laptops that include a TPM. Which BEST identifies what the TPM provides?
A. Detection of unauthorized data transfer
B. A hardware root of trust
C. Sandboxing
D. An external security device used to store cryptographic keys.
A Trusted Platform Module (TPM) includes an encryption key burned into the chip, and this key provides a hardware root of trust.
Your organization has recently rented access to computing resources via a cloud. Administrators within your organization apply patches to the operating system. Which choice BEST describes this cloud deployment model? A. Community B. Software as a Service C. Infrastructure as a Service D. Hybrid
Infrastructure as a Service (IaaS) is a cloud computing option where the vendor provides access to a computer, but customers must manage the system, including keeping it up to date with current patches.
Homer noticed that several generators within the nuclear power plant have been turning on without user interaction. Security investigators discovered that an unauthorized file was installed, causing these generators to start at timed intervals. Further, they determined this file was installed during a visit by external engineers. What should Homer recommend to mitigate this threat in the future?
A. Create an internal CA
B. Implement WPA2 Enterprise
C. Implement patch management processes.
D. Configure the SCADA within a VLAN.
The generators are likely controlled within a supervisory control and data acquisition (SCADA) system, and isolating them within a virtual local area network (VLAN) will protect them from unauthorized access.