Practice Test 2 Flashcards

1
Q

Which of the following cryptographic related browser settings allows an organization to communicate securely?

A

SSL 3.0/TLS 1.0

2
Q

Peter, an employee, needs a certificate to encrypt data. Which of the following would issue Peter a certificate?

A

Certification authority

3
Q

A server administrator notes that a legacy application often stops running due to a memory error. When reviewing the debugging logs, they notice code being run calling an internal process to exploit the machine. Which of the following attacks does this describe?

A

Buffer Overflow

4
Q

Which of the following is a directional antenna that can be used in point-to-point or point-to-multipoint WiFi communication systems? (Select TWO).

A. Backfire
B. Dipole
C. Omni
D. PTZ
E. Dish

A

Backfire & Dish

4
Q

An online store wants to protect user credentials and credit card information so that customers can store their credit card information and use their card for multiple separate transactions.
Which of the following database designs provides the BEST security for the online store?

A

Hash the credential fields and use encryption for the credit card field.

4
Q

Based on information leaked to industry websites, business management is concerned that unauthorized employees are accessing critical project information for a major, well-known new product. To identify any such users, the security administrator could:

A

Set up a honeypot and place false project documentation on an unsecure share.

5
Q

Which of the following is a security benefit of providing additional HVAC capacity or increased tonnage in a datacenter?

A

Longer Mean Time Between Failures of hardware due to lower operating temperatures. One year lifetime usually, thus cooler HVAC extends life.

5
Q

Which of the following is the BEST reason to provide user awareness and training programs for organizational staff?

A

To reduce organizational IT risk

5
Q

Which of the following is characterized by an attack against a mobile device?

A

Blue jacking

6
Q

Which of the following components MUST be trusted by all parties in PKI?

A

Certificate Authority.

7
Q

Which of the following security strategies allows a company to limit damage to internal systems and provides loss control?

A

Containment Strategies

8
Q

Jane, an individual, has recently been calling various financial offices pretending to be another person to gain financial information. Which of the following attacks is being described?

A

Vishing (Voice over IP Phishing)

9
Q

Which of the following results in datacenters with failed humidity controls? (Select TWO).

A. Excessive EMI
B. Electrostatic charge
C. Improper ventilation
D. Condensation
E. Irregular temperature

A

Electrostatic Charge & Condensation

10
Q

A retail store uses a wireless network for its employees to access inventory from anywhere in the store. Due to concerns regarding the aging wireless network, the store manager has brought in a consultant to harden the network. During the site survey, the consultant discovers that the network was using WEP encryption. Which of the following would be the BEST course of action for the consultant to recommend?

A

Change the encryption used so that the encryption protocol is CCMP-based (Counter Mode Cipher Block Chaining Message Authentication Code Protocol).

11
Q

A small company has recently purchased cell phones for managers to use while working outside of the office.
The company does not currently have a budget for mobile device management and is primarily concerned with deterring leaks of sensitive information obtained by unauthorized access to unattended phones. Which of the following would provide the solution that BEST meets the company’s requirements?

A

Screen Lock

12
Q

A small company has a website that provides online customer support. The company requires an account recovery process so that customers who forget their passwords can regain access.
Which of the following is the BEST approach to implement this process?

A

Web-based form that identifies customer by another mechanism, sets a temporary password and forces a password change upon first login

13
Q

The system administrator has been notified that many users are having difficulty connecting to the company’s wireless network. They take a new laptop and physically go to the access point and connect with no problems. Which of the following would be the MOST likely cause?

A

An unauthorized access point has been configured to operate on the same channel.

14
Q

Which of the following is the term for a fix for a known software problem?

A

Patch

15
Q

A company determines a need for additional protection from rogue devices plugging into physical ports around the building.
Which of the following provides the highest degree of protection from unauthorized wired network access?

A

IEEE 802.1x, (Port-based Network Access Control)

16
Q

Which of the following describes the purpose of an MOU?

A

Define responsibilities of each party

17
Q

Peter, the security administrator, has been notified by the IDS that the company website is under attack. Analysis of the web logs shows the following string, indicating a user is trying to post a comment on the public bulletin board.
INSERT INTO message `
This is an example of which of the following?

A

XSS attack, Cross Site Scripting

18
Q

While securing a network, it is decided to allow active FTP (File Transfer Protocol) connections into the network. Which of the following ports MUST be configured to allow active FTP connections? (Select TWO).

A. 20
B. 21
C. 22
D. 68
E. 69

A

20, 21

19
Q

A security administrator wants to implement a solution which will allow some applications to run under the user’s home directory and only have access to files stored within the same user’s folder, while other applications have access to shared folders. Which of the following BEST addresses these requirements if the environment is concurrently shared by multiple users?

A

Process Sandboxing

20
Q

The finance department just procured a software application that needs to communicate back to the vendor server via SSL. Which of the following default ports on the firewall must the security engineer open to accomplish this task?

A

443

21
Q

Which of the following is the MOST secure protocol to transfer files?

A

FTPS(File Transfer Protocol Secure)

22
Q

A company executive’s laptop was compromised, leading to a security breach. The laptop was placed into storage by a junior system administrator and was subsequently wiped and re-imaged. When it was determined that the authorities would need to be involved, there was little evidence to present to the investigators. Which of the following procedures could have been implemented to aid the authorities in their investigation?

A

A system image should have been created and stored

23
Q

If Organization A trusts Organization B and Organization B trusts Organization C, then Organization A trusts Organization C. Which of the following PKI concepts is this describing?

A

Transitive trust

24
Q

In which of the following steps of incident response does a team analyze the incident and determine steps to prevent a future occurrence?

A

Lessons learned

25
Q

Which of the following passwords is the LEAST complex?

A

Mytr@in!!

25
Q

Which of the following concepts is used by digital signatures to ensure integrity of the data?

A

Hashing

26
Q

A corporation has experienced several media leaks of proprietary data on various web forums. The posts were made during business hours and it is believed that the culprit is posting during work hours from a corporate machine. The Chief Information Officer (CIO) wants to scan internet traffic and keep records for later use in legal proceedings once the culprit is found. Which of the following provides the BEST solution?

A

Protocol analyzer

26
Q

A CA is compromised and attackers start distributing maliciously signed software updates. Which of the following can be used to warn users about the malicious activity?

A

Certificate revocation list

27
Q

It is important to staff who use email messaging to provide PII to others on a regular basis to have confidence that their messages are not intercepted or altered during transmission. They are concerned about which of the following types of security control?

A

Integrity

28
Q

Which of the following should be performed to increase the availability of IP telephony by prioritizing traffic?

A

Quality of Service

29
Q

Due to limited resources, a company must reduce their hardware budget while still maintaining availability. Which of the following would MOST likely help them achieve their objectives?

A

Virtualization

30
Q

A security administrator notices large amounts of traffic within the network heading out to an external website. The website seems to be a fake bank site with a phone number that when called, asks for sensitive information. After further investigation, the security administrator notices that a fake link was sent to several users. This is an example of which of the following attacks?

A

Phishing

31
Q

A security administrator is segregating all web-facing server traffic from the internal network and restricting it to a single interface on a firewall. Which of the following BEST describes this new network?

A

DMZ (demilitarized zone, sometimes referred to as a perimeter network).

32
Q

Matt, a forensic analyst, wants to obtain the digital fingerprint for a given message. The message is 160-bits long. Which of the following hashing methods would Matt have to use to obtain this digital fingerprint?

A

SHA1(Secure Hash Algorithm)

33
Q

An advantage of virtualizing servers, databases, and office applications is:

A

Centralized Management

33
Q

Which of the following is a Data Loss Prevention (DLP) strategy and is MOST useful for securing data in use?

A

Endpoint protection

34
Q

Which of the following is true about the recovery agent?

A

It can decrypt messages of users who lost their private key.

35
Q

A network administrator is asked to send a large file containing PII to a business associate.
Which of the following protocols is the BEST choice to use?

A

SFTP(Secure File Transfer Protocol)

36
Q

A major security risk with co-mingling of hosts with different security requirements is:

A

Security policy violations

37
Q

Prior to leaving for an extended vacation, Peter uses his mobile phone to take a picture of his family in the house living room. Peter posts the picture on a popular social media site together with the message: “Heading to our two weeks vacation to Italy.” Upon returning home, Peter discovers that the house was burglarized. Which of the following is the MOST likely reason the house was burglarized if nobody knew Peter’s home address?

A

The picture uploaded to the social media site was geo-tagged by the mobile phone.

38
Q

A Security Operations Center was scanning a subnet for infections and found a contaminated machine. One of the administrators disabled the switch port that the machine was connected to, and informed a local technician of the infection. Which of the following steps did the administrator perform?

A. Escalation
B. Identification
C. Notification
D. Quarantine
E. Preparation

A

Notification & Quarantine

39
Q

A recent OS patch caused an extended outage. It took the IT department several hours to uncover the cause of the issue due to the system owner who installed the patch being out of the office. Which of the following could help reduce the likelihood of this situation occurring in the future?

A

Change management procedures

40
Q

Which of the following devices is used for the transparent security inspection of network traffic by redirecting user packets prior to sending the packets to the intended destination?

A

Proxies

41
Q

Which of the following would be used as a secure substitute for Telnet?

A

SSH(Secure Shell)

42
Q

The act of magnetically erasing all of the data on a disk is known as:

A

Degaussing

43
Q

An organization recently switched from a cloud-based email solution to an in-house email server. The firewall needs to be modified to allow for sending and receiving email. Which of the following ports should be open on the firewall to allow for email traffic? (Select THREE).

A. TCP 22
B. TCP 23
C. TCP 25
D. TCP 53
E. TCP 110
F. TCP 143
G. TCP 445

A

TCP 25, TCP 110, TCP 143

44
Q

Which of the following can a security administrator implement on mobile devices that will help prevent unwanted people from viewing the data if the device is left unattended?

A

Screen Lock

45
Q

Which of the following is the below pseudo-code an example of?
IF VARIABLE (CONTAINS NUMBERS = TRUE) THEN EXIT

A

Input validation

46
Q

Encryption of data at rest is important for sensitive information because of which of the following?

A

Prevents data from being accessed following theft of physical equipment

47
Q

A security technician needs to open ports on a firewall to allow for domain name resolution.
Which of the following ports should be opened? (Select TWO).

A. TCP 21
B. TCP 23
C. TCP 53
D. UDP 23
E. UDP 53

A

TCP 53, UDP 53

48
Q

Which of the following is an advantage of implementing individual file encryption on a hard drive which already deploys full disk encryption?

A

Individually encrypted files will remain encrypted when copied to external media

49
Q

Certificates are used for: (Select TWO).

A. Client authentication.
B. WEP encryption.
C. Access control lists.
D. Code signing.
E. Password hashing.

A

Client Authentication, Code Signing

50
Q

The information security team does a presentation on social media and advises the participants not to provide too much personal information on social media web sites. This advice would BEST protect people from which of the following?

A

Cognitive passwords attacks

51
Q

An achievement in providing worldwide Internet security was the signing of certificates associated with which of the following protocols?

A

SSL(Secure Sockets Layer)

52
Q

Which of the following concepts defines the requirement for data availability?

A

Disaster recovery planning

53
Q

Which of the following ports and protocol types must be opened on a host with a host-based firewall to allow incoming SFTP connections?

A

22/TCP

54
Q

An auditor is given access to a conference room to conduct an analysis. When they connect their laptop’s Ethernet cable into the wall jack, they are not able to get a connection to the Internet but have a link light. Which of the following is MOST likely causing this issue?

A

Network Access Control

55
Q

Which of the following could cause a browser to display the message below?
“The security certificate presented by this website was issued for a different website’s address.”

A

HTTPS://127.0.01 was used instead of HTTPS://localhost.

56
Q

Employee badges are encoded with a private encryption key and specific personal information.
The encoding is then used to provide access to the network. Which of the following describes this access control type?

A

Smartcard

57
Q

Which of the following allows an organization to store a sensitive PKI component with a trusted third party?

A

Key escrow

58
Q

Which of the following is an authentication and accounting service that uses TCP for connecting to routers and switches?

A

TACACS+

59
Q

A user in the company is in charge of various financial roles but needs to prepare for an upcoming audit. They use the same account to access each financial system. Which of the following security controls will MOST likely be implemented within the company?

A

Separation of duties

60
Q

Which of the following is an important implementation consideration when deploying a wireless network that uses a shared password?

A

Key length

61
Q

A Chief Information Security Officer (CISO) wants to implement two-factor authentication within the company. Which of the following would fulfill the CISO’s requirements?

A

USB token and PIN

62
Q

Which of the following is BEST utilized to identify common misconfigurations throughout the enterprise?

A

Vulnerability scanning

63
Q

Which of the following is a requirement when implementing PKI if data loss is unacceptable?

A

Key escrow

64
Q

Ann wants to send a file to Peter using PKI. Which of the following should Ann use in order to sign the file?

A

Ann’s private key

65
Q

One of the most basic ways to protect the confidentiality of data on a laptop in the event the device is physically stolen is to implement which of the following?

A

Whole disk encryption with two-factor authentication

66
Q

A company has recently implemented a high density wireless system by having a junior technician install two new access points for every access point already deployed. Users are now reporting random wireless disconnections and slow network connectivity. Which of the following is the MOST likely cause?

A

A site survey was not conducted

67
Q

Which of the following preventative controls would be appropriate for responding to a directive to reduce the attack surface of a specific host?

A

Disabling unnecessary services

68
Q

Peter analyzed the following log and determined the security team should implement which of the following as a mitigation method against further attempts?
Host 192.168.1.123
[00:00:01]Successful Login: 015 192.168.1.123 : local
[00:00:03]Unsuccessful Login: 022 214.34.56.006 : RDP 192.168.1.124
[00:00:04]UnSuccessful Login: 010 214.34.56.006 : RDP 192.168.1.124
[00:00:07]UnSuccessful Login: 007 214.34.56.006 : RDP 192.168.1.124
[00:00:08]UnSuccessful Login: 003 214.34.56.006 : RDP 192.168.1.124

A

Hardening

69
Q

A company’s chief information officer (CIO) has analyzed the financial loss associated with the company’s database breach. They calculated that one single breach could cost the company $1,000,000 at a minimum. Which of the following documents is the CIO MOST likely updating?

A

Business impact analysis

70
Q

Peter, the Chief Executive Officer (CEO) of a company, has increased his travel plans for the next two years to improve business relations. Which of the following would need to be in place in case something happens to Peter?

A

Succession planning

71
Q

An administrator needs to secure a wireless network and restrict access based on the hardware address of the device. Which of the following solutions should be implemented?

A

Enable MAC filtering

72
Q

Developers currently have access to update production servers without going through an approval process. Which of the following strategies would BEST mitigate this risk?

A

Change management

73
Q

An administrator notices that former temporary employees’ accounts are still active on a domain.
Which of the following can be implemented to increase security and prevent this from happening?

A

Run a last logon script to look for inactive accounts.

74
Q

Which of the following is a best practice when securing a switch from physical access?

A

Disable unused ports

75
Q

A network administrator wants to block both DNS requests and zone transfers coming from outside IP addresses. The company uses a firewall which implements an implicit allow and is currently configured with the following ACL applied to its external interface.
PERMIT TCP ANY ANY 80
PERMIT TCP ANY ANY 443
Which of the following rules would accomplish this task? (Select TWO).

A. Change the firewall default settings so that it implements an implicit deny
B. Apply the current ACL to all interfaces of the firewall
C. Remove the current ACL
D. Add the following ACL at the top of the current ACL DENY TCP ANY ANY 53
E. Add the following ACL at the bottom of the current ACL DENY ICMP ANY ANY 53
F. Add the following ACL at the bottom of the current ACL DENY IP ANY ANY 53

A

Change the firewall default settings so that it implements an implicit deny, Add the following ACL at the bottom of the current ACL DENY IP ANY ANY 53

76
Q

The process of making certain that an entity (operating system, application, etc.) is as secure as it can be is known as:

A

Hardening

77
Q

An incident occurred when an outside attacker was able to gain access to network resources. During the incident response investigation, security logs indicated multiple failed login attempts for a network administrator. Which of the following controls, if in place, could have BEST prevented this successful attack?

A

Account lockout

78
Q

Four weeks ago, a network administrator applied a new IDS and allowed it to gather baseline data. As rumors of a layoff began to spread, the IDS alerted the network administrator that access to sensitive client files had risen far above normal. Which of the following kinds of IDS is in use?

A

Anomaly based

79
Q

To protect corporate data on removable media, a security policy should mandate that all removable devices use which of the following?

A

Full disk encryption

80
Q

A user has unknowingly gone to a fraudulent site. The security analyst notices the following system change on the user’s host:
Old hosts’ file:
127.0.0.1 localhost
New hosts’ file:
127.0.0.1 localhost
5.5.5.5 www.comptia.com
Which of the following attacks has taken place?

A

Pharming

81
Q

Which of the following BEST explains Platform as a Service?

A

An external group providing operating systems installed on virtual servers with web applications

82
Q

Which of the following MOST specifically defines the procedures to follow when scheduled system patching fails resulting in system outages?

A

Change management

83
Q

Which of the following is used by the recipient of a digitally signed email to verify the identity of the sender?

A

Sender’s public key