Practice Test (2) Flashcards by Anti Gondu

One of your colleagues attempted to ping a computer name and received the response of fe80::3281:80ea:b72b:0b55. What type of address did the colleague view?

IPv6

IPv4

MAC address

IPv6

An IPv6 address is a 128-bit address that uses hexadecimal values (0–9 and A–F)

How well did you know this?

Not at all

Perfectly

Which of the following defines the act of sending unsolicited messages to nearby Bluetooth devices?

Bluesnarfing

Brute force

Bluejacking

Bluejacking is the act of sending unsolicited messages from one Bluetooth device to another Bluetooth device such as smartphones, tablets, and laptop computers

How well did you know this?

Not at all

Perfectly

You are a system administrator and you are creating a public and private key pair. You have to specify the key strength. Which of the following would be your best choice?

RSA

DES

MD5

RSA

RSA is an asymmetric algorithm that uses private and public keys to encrypt and decrypt data

How well did you know this?

Not at all

Perfectly

You are the security administrator for the sales department and the department needs to email high volumes of sensitive information to clients to help close sales. All emails go through a DLP scanner. Which of the following is the best solution to help the department protect the sensitive information?

Automatically encrypt outgoing emails.

Monitor all outgoing emails.

Automatically encrypt incoming emails.

Automatically encrypt outgoing emails.

Automatically encrypting outgoing emails will protect the company’s sensitive email that may contain personally identifiable information. Should the email be intercepted, the attacker wouldn’t be able to read the information contained in the email

How well did you know this?

Not at all

Perfectly

You are the IT security officer of your company and have established a security policy that requires users to protect all sensitive documents to avoid their being stolen. What policy have you implemented?

Separation of duties

Clean desk

Job rotation

Clean desk

Clean desk policy ensures that all sensitive/confidential documents are removed from an end-user workstation and locked up when the documents are not in use

How well did you know this?

Not at all

Perfectly

Which of the following options can a security administrator deploy on a mobile device that will deter undesirable people from seeing the data on the device if it is left unattended?

Screen lock

Push notification services

Remote wipe

Screen lock

The screen lock option can be enabled to prevent an unauthorized person from viewing the data on a device should the owner leave it unattended. This option can be configured to enable within seconds to minutes if device is unattended

How well did you know this?

Not at all

Perfectly

You are a system administrator and are asked to prevent staff members from using each other’s credentials to access secured areas of the building. Which of the following will best address this request?

Install a biometric reader at the entrance of the secure area.

Install a proximity card reader at the entrance of the secure area.

Implement least privilege.

Install a biometric reader at the entrance of the secure area.

Biometrics are a person’s physical characteristics, such as a fingerprint, retina, hand geometry, and voice

How well did you know this?

Not at all

Perfectly

A sales manager has asked for an option for sales reps who travel to have secure remote access to your company’s database server. Which of the following should you configure for the sales reps?

VPN

WLAN

NAT

VPN

A virtual private network (VPN) creates an encrypted connection between a remote client and a private network over an insecure network such as the Internet

How well did you know this?

Not at all

Perfectly

An attacker tricks one of your employees into clicking on a malicious link that causes an unwanted action on the website the employee is currently authenticated to. What type of attack is this?

Replay

Cross-site request forgery

Cross-site scripting

Cross-site request forgery

A cross-site request forgery attack occurs when an attacker tricks a user into performing unwanted actions on a website the user is currently authenticated to

How well did you know this?

Not at all

Perfectly

Which of the following is considered the strongest access control?

RBAC

DAC

MAC

The correct answer is mandatory access control (MAC). Access is controlled by comparing security labels with security clearances such as Confidential, Secret, and Top Secret

How well did you know this?

Not at all

Perfectly

Your company wants to expand its data center, but has limited space to store additional hardware. The IT staff needs to continue their operations while expansion is underway. Which of the following would best accomplish this expansion idea?

IaaS

Virtualization

Public cloud

Virtualization

Virtualization allows the creation of virtual resources such as a server operating system. Multiple operating systems can run on one machine by sharing the resources such as RAM, hard drive, and CPU

How well did you know this?

Not at all

Perfectly

Which of the following algorithms have known collisions? (Choose two.)

MD5

AES

SHA

SHA-256

RSA

MD5

SHA

MD5 and SHA have known cases of collisions

How well did you know this?

Not at all

Perfectly

Which of the following must a security administrator implement to allow customers, vendors, suppliers, and other businesses to obtain information while preventing access to the company’s entire network?

Internet

Extranet

Honeynet

Extranet

An extranet will give customers, vendors, suppliers, and other business access to a controlled private network while preventing them from accessing the company’s entire network

How well did you know this?

Not at all

Perfectly

The head of HR is conducting an exit interview with an IT network administrator named Matt. The interview questions include Matt’s view of his manager, why he is leaving his current position, and what he liked most about his job. Which of the following should also be addressed in this exit interview?

Job rotation

Background checks

Property return form

A property return form properly records all equipment, keys, and badges that must be surrendered to the company when the employee leaves the company

How well did you know this?

Not at all

Perfectly

Which of the following is considered the least secure authentication method?

CHAP

NTLM

PAP

Password Authentication Protocol (PAP) is an authentication protocol that sends the username and password as plain text to the authentication server

How well did you know this?

Not at all

Perfectly

You are a security administrator for your company and have been asked to recommend a secure method for storing passwords due to recent brute-force attempts. Which of the following will provide the best protection? (Choose two.)

ROT13

BCRYPT

RIPEMD

PBKDF2

BCRYPT

PBKDF2

BCRYPT and PBKDF2 use key stretching to reduce brute-force attacks against vulnerabilities of encrypted keys. Both are considered password hashing functions

How well did you know this?

Not at all

Perfectly

You installed a WAP for a local coffee shop and have discovered the signal is extending into the parking lot. Which of the following configurations will best correct this issue?

Change the antenna type.

Disable the SSID broadcast.

Reduce the signal strength for indoor coverage only.

The correct answer is to reduce the signal strength for indoor coverage only. This action will prevent potential attackers from accessing the wireless access point and possibly compromising the users currently connected. Having the signal limited inside the business will help determine who is possibly connected

How well did you know this?

Not at all

Perfectly

You are a network administrator for a bank. A branch manager discovers that the deskside employees have the ability to delete lending policies found in a folder within the file server. You review the permissions and notice the deskside employees have “modify” permissions to the folder. The employees should have read permissions only. Which of the following security principles has been violated?

Time-of-day restrictions

Separation of duties

Least privilege

Least privilege gives users the lowest level of rights so they can do their job to limit the potential chance of security breach

How well did you know this?

Not at all

Perfectly

Which of the following concepts of cryptography ensures integrity of data by the use of digital signatures?

Steganography

Key exchange

Hashing

Hashing transforms a string of characters into a key that represents the original string. When the string of characters is transformed and compared to the original hash, it will identify whether the string has been modified

How well did you know this?

Not at all

Perfectly

Your manager has asked you to recommend a public key infrastructure component to store certificates that are no longer valid. Which of the following is the best choice?

Intermediate CA

CSR

CRL

A certificate revocation list (CRL) is a list of certificates that were revoked by a CA before their expiration date. The certificates listed in the CRL should not be considered trusted

You are a backup operator and receive a call from a user asking you to send sensitive documents immediately because their manager is going to a meeting with the company’s executives. The user states the manager’s files are corrupted and he is attending the meeting in the next 5 minutes. Which of the following forms of social engineering best describes this situation?

Scarcity

Consensus

Intimidation

The user is using an intimidation tactic to get the employee to take action quickly. Sometimes intimidation tactics can be combined with other principles such as urgency

Which of the following controls can you implement together to prevent data loss if a mobile device is lost or stolen? (Choose two.)

Geofencing

Full-device encryption

Screen locks

Push notification services

Full-device encryption

Screen locks

The correct answers are full-device encryption and screen locks. Full-device encryption encodes all the user’s data on a mobile device by using an encrypted key, and enabling screen lock prevents an unauthorized person from viewing the data on a device should the owner leave it unattended

A chief security officer (CSO) notices that a large number of contractors work for the company. When a contractor leaves the company, the provisioning team is not notified. The CSO wants to ensure the contractors cannot access the network when they leave. Which of the following polices best supports the CSO’s plan?

Account lockout policy

Enforce password history

Account expiration policy

Account expiration policy will prevent the contracts from attempting to access the network after they leave. The provisioning team can set a date when the contract is set to leave, and the user will not be able to have access to systems within the company’s network

The CISO wants to strengthen the password policy by adding special characters to users’ passwords. Which of the following control best achieves this goal?

Password complexity

Password length

Password history

Password complexity

Password complexity is a rule that demands inclusion of three of the four following character sets: lowercase letters, uppercase letters, numerals, and special characters

Which of the following deployment models allows a business to have more control of the devices given to employees that handle company information? COPE BYOD CYOD

CYOD CYOD (Choose Your Own Device) allows an employee to choose from a limited number of devices. The business can also limit the usage of the device to work activities only

A network administrator uses their fingerprint and enters a PIN to log onto a server. Which of the following best describes this example? Identification Single authentication Multifactor authentication

Multifactor authentication Multifactor authentication requires more than one method of authentication from independent credentials: something you know, something you have, and something you are

Your company wants to perform a privacy threshold assessment (PTA) to identify all PII residing in its systems before retiring hardware. Which of the following would be examples of PII? (Choose two.) Date of birth Email address Race Fingerprint

Email address Fingerprint The correct answers are email address and fingerprint. Personally identifiable information (PII) is any information that can be used to distinguish or trace an individual's identity

Your HIPS is incorrectly reporting legitimate network traffic as suspicious activity. What is this best known as? False positive False negative Credentialed

False positive The correct answer is a false positive. When legitimate data enters a system and the host intrusion prevention system (HIPS) mistakenly marks it as malicious, it is referred to as a false positive

Matt, a network administrator, is asking how to configure the switches and routers to securely monitor their status. Which of the following protocols would he need to implement on the devices? SNMP SMTP SNMPv3

SNMPv3 The correct answer is SNMPv3. Simple Network Management Protocol (SNMP) collects and organizes information about managed devices on an IP network. SNMPv3 is the newest version and its primary feature is enhanced security

Your company has issued a hardware token-based authentication to administrators to reduce the risk of password compromise. The tokens display a code that automatically changes every 30 seconds. Which of the following best describes this authentication mechanism? TOTP HOTP Smartcard

TOTP A Time-Based One-Time Password (TOTP) is a temporary passcode that is generated for the use of authenticating to a computer system and the passcode is valid for a certain amount of time—for example, 30 seconds

You are the network administrator for your company's Microsoft network. Your CISO is planning the network security and wants a secure protocol that will authenticate all users logging into the network. Which of the following authentication protocols would be the best choice? RADIUS TACACS+ Kerberos

Kerberos Kerberos is an authentication protocol that uses tickets to allow access to resources within the network

Which of the following is not a vulnerability of end-of-life systems? When systems can't be updated, firewalls and antiviruses are not sufficient protection. Out-of-date systems can result in fines in regulated industries. When an out-of-date system reaches the end-of-life, it will automatically shut down.

When an out-of-date system reaches the end-of-life, it will automatically shut down. The correct answer is C. This is not a vulnerability, because most systems will not automatically shut down when they have reached their end-of-life period

Which of the following statements are true regarding viruses and worms? (Choose two.) A virus is a malware that self-replicates over the network. A worm is a malware that self-replicates over the network. A virus is a malware that replicates by attaching itself to a file. A worm is a malware that replicates by attaching itself to a file.

A worm is a malware that self-replicates over the network. A virus is a malware that replicates by attaching itself to a file. A worm self-replicates itself over the network to consume bandwidth and a virus needs to be attached to a file to be replicated over the network

Which of the following wireless attacks would be used to impersonate another WAP to obtain unauthorized information from nearby mobile users? Rogue access point Evil twin Bluejacking

Evil twin An evil twin is a fake access point that looks like a legitimate one. The attacker will use the same network name and transmit beacons to get a user to connect. This allows the attacker to gain personal information without the end user knowing

Tony, a security administrator, discovered through an audit that all the company's access points are currently configured to use WPA with TKIP for encryption. Tony needs to improve the encryption on the access points. Which of the following would be the best option for Tony? WPA2 with CCMP WEP WPA with CCMP

WPA2 with CCMP WPA2 with CCMP provides data confidentiality and authentication. CCMP uses a 128-bit key, which is considered secured against attacks

Your department manager assigns Tony, a network administrator, the job of expressing the business and financial effects that a failed SQL server would cause if it was down for 4 hours. What type of analysis must Tony perform? Security audit Asset identification Business impact analysis

Business impact analysis Business impact analysis (BIA) usually identifies costs linked to failures. These costs may include equipment replacement, salaries paid to employees to catch up with loss of work, and loss of profits

You are the security administrator for a local hospital. The doctors want to prevent the data from being altered while working on their mobile devices. Which of the following would most likely accomplish the request? Cloud storage Wiping SIEM

Cloud storage Cloud storage offers protection from cyberattacks since the data is backed up. Should the data become corrupted, the hospital can recover the data from cloud storage

You are a Unix engineer, and on October 29 you discovered that a former employee had planted malicious code that would destroy 4,000 servers at your company. This malicious code would have caused millions of dollars worth of damage and shut down your company for at least a week. The malware was set to detonate at 9:00 a.m. on January 31. What type of malware did you discover? Logic bomb RAT Spyware

Logic bomb A logic bomb is a malicious code that is inserted intentionally and designed to execute under certain circumstances. It is designed to display a false message, delete or corrupt data, or have other unwanted effects

Which of the following is defined as hacking into a computer system for a politically or socially motivated purpose? Hacktivist Insider Script kiddie

Hacktivist A hacktivist's purpose is to perform hacktivism. This is the act of hacking into a computer system for a politically or socially motivated purpose

A network administrator with your company has received phone calls from an individual who is requesting information about their personal finances. Which of the following type of attack is occurring? Whaling Phishing Vishing

Vishing Vishing is a type of social engineering attack that tries to trick a person into disclosing secure information over the phone or a Voice over IP (VoIP) call

Which of the following can be restricted on a mobile device to prevent security violations? (Choose three.) Third-party app stores Biometrics Content management Rooting Sideloading

Third-party app stores Rooting Sideloading The correct answers are third-party app store, rooting, and sideloading. Restricting these options will increase the security of a device. Third-party app stores can carry apps that may contain malware. Companies will allow certain apps to be downloaded. Rooting is the process of gaining privileged control over a device. For a user with root access, anything is possible, such as installing new applications, uninstalling system applications, and revoking existing permissions. Sideloading is installing applications on a mobile device without using an official distributed scheme

Which of the following does a remote access VPN usually rely on? (Choose two.) IPSec DES SSL SFTP

IPSec SSL The correct answers are IPSec and SSL. IPSec protects IP packets that are exchanged between the remote network and an IPSec gateway, which is located on the edge of a private network. Secure Socket Layer (SSL) usually supplies a secure access to a single application

Matt, a security administrator, wants to use a two-way trust model for the owner of a certificate and the entity relying on the certificate. Which of the following is the best option to use? WPA Object identifiers PKI

PKI Public Key Infrastructure (PKI) distributes and identifies public keys to users and computers securely over a network. It also verifies the identity of the owner of the public key

If domain A trusts domain B, and domain B trusts domain C, then domain A trusts domain C. Which concept does this describe? Federation Single sign-on Transitive trust

Transitive trust Transitive trust is a two-way relationship that is created between parent and child domains in a Microsoft Active Directory forest. When a child domain is created, it will share the resources with its parent domain automatically. This allows an authenticated user to access resources in both the child and parent domains

A user entered a username and password to log into the company's network. Which of the following best describes the username? Authentication Identification Accounting

Identification Identification is used to identify a user within the system. It allows each user to distinguish itself from other users

Which of the following tools can be used to hide messages within a file? Data sanitization Steganography Tracert

Steganography Steganography is the practice of hiding a message such as a file within a picture

Which of the following is best used to prevent ARP poisoning on a local network? (Choose two.) Antivirus Static ARP entries Patching management Port security

Static ARP entries Port security The correct answers are static ARP entries and port security. Static ARP entry is the process of assigning a MAC address to an IP address to prevent an attacker from poisoning the cache. Disabling unused physical ports will prevent an attacker from plugging in their laptop and performing an ARP poisoning

Which of the following is the best practice to place at the end of an ACL? USB blocking MAC filtering Implicit deny

Implicit deny Implicit deny is placed at the bottom of the list. If traffic goes through the ACL list of rules and isn't explicitly denied or allowed, implicit deny will deny the traffic as it is the last rule. In other words, if traffic is not explicitly allowed within an access list, then by default it is denied