Practice Test 2 Flashcards

1
Q

Which of the following cryptographic related browser settings allows an organization to communicate securely?

A

SSL 3.0/TLS 1.0

2
Q

Peter, an employee, needs a certificate to encrypt data. Which of the following would issue Peter a certificate?

A

Certification authority

3
Q

A server administrator notes that a legacy application often stops running due to a memory error. When reviewing the debugging logs, they notice code being run calling an internal process to exploit the machine. Which of the following attacks does this describe?

A

Buffer Overflow

4
Q

Which of the following is a directional antenna that can be used in point-to-point or point-to-multipoint WiFi communication systems? (Select TWO).

A. Backfire
B. Dipole
C. Omni
D. PTZ
E. Dish

A

Backfire & Dish

4
Q

An online store wants to protect user credentials and credit card information so that customers can store their credit card information and use their card for multiple separate transactions.
Which of the following database designs provides the BEST security for the online store?

A

Hash the credential fields and use encryption for the credit card field.

4
Q

Based on information leaked to industry websites, business management is concerned that unauthorized employees are accessing critical project information for a major, well-known new product. To identify any such users, the security administrator could:

A

Set up a honeypot and place false project documentation on an unsecure share.

5
Q

Which of the following is a security benefit of providing additional HVAC capacity or increased tonnage in a datacenter?

A

Longer Mean Time Between Failures of hardware due to lower operating temperatures. One year lifetime usually, thus cooler HVAC extends life.

5
Q

Which of the following is the BEST reason to provide user awareness and training programs for organizational staff?

A

To reduce organizational IT risk

5
Q

Which of the following is characterized by an attack against a mobile device?

A

Blue jacking

6
Q

Which of the following components MUST be trusted by all parties in PKI?

A

Certificate Authority.

7
Q

Which of the following security strategies allows a company to limit damage to internal systems and provides loss control?

A

Containment Strategies

8
Q

Jane, an individual, has recently been calling various financial offices pretending to be another person to gain financial information. Which of the following attacks is being described?

A

Vishing (Voice over IP Phishing)

9
Q

Which of the following results in datacenters with failed humidity controls? (Select TWO).

A. Excessive EMI
B. Electrostatic charge
C. Improper ventilation
D. Condensation
E. Irregular temperature

A

Electrostatic Charge & Condensation

10
Q

A retail store uses a wireless network for its employees to access inventory from anywhere in the store. Due to concerns regarding the aging wireless network, the store manager has brought in a consultant to harden the network. During the site survey, the consultant discovers that the network was using WEP encryption. Which of the following would be the BEST course of action for the consultant to recommend?

A

Change the encryption used so that the encryption protocol is CCMP-based (Counter Mode Cipher Block Chaining Message Authentication Code Protocol).

11
Q

A small company has recently purchased cell phones for managers to use while working outside of the office.
The company does not currently have a budget for mobile device management and is primarily concerned with deterring leaks of sensitive information obtained by unauthorized access to unattended phones. Which of the following would provide the solution that BEST meets the company’s requirements?

A

Screen Lock

12
Q

A small company has a website that provides online customer support. The company requires an account recovery process so that customers who forget their passwords can regain access.
Which of the following is the BEST approach to implement this process?

A

Web-based form that identifies customer by another mechanism, sets a temporary password and forces a password change upon first login

13
Q

The system administrator has been notified that many users are having difficulty connecting to the company’s wireless network. They take a new laptop and physically go to the access point and connect with no problems. Which of the following would be the MOST likely cause?

A

An unauthorized access point has been configured to operate on the same channel.

14
Q

Which of the following is the term for a fix for a known software problem?

A

Patch

15
Q

A company determines a need for additional protection from rogue devices plugging into physical ports around the building.
Which of the following provides the highest degree of protection from unauthorized wired network access?

A

IEEE 802.1x, (Port-based Network Access Control)

16
Q

Which of the following describes the purpose of an MOU?

A

Define responsibilities of each party

17
Q

Peter, the security administrator, has been notified by the IDS that the company website is under attack. Analysis of the web logs shows the following string, indicating a user is trying to post a comment on the public bulletin board.
INSERT INTO message `
This is an example of which of the following?

A

XSS attack, Cross Site Scripting

18
Q

While securing a network, it is decided to allow active FTP (File Transfer Protocol) connections into the network. Which of the following ports MUST be configured to allow active FTP connections? (Select TWO).

A. 20
B. 21
C. 22
D. 68
E. 69

A

20, 21

19
Q

A security administrator wants to implement a solution which will allow some applications to run under the user’s home directory and only have access to files stored within the same user’s folder, while other applications have access to shared folders. Which of the following BEST addresses these requirements if the environment is concurrently shared by multiple users?

A

Process Sandboxing

20
Q

The finance department just procured a software application that needs to communicate back to the vendor server via SSL. Which of the following default ports on the firewall must the security engineer open to accomplish this task?

A

443

21
Which of the following is the MOST secure protocol to transfer files?
FTPS(File Transfer Protocol Secure)
22
A company executive’s laptop was compromised, leading to a security breach. The laptop was placed into storage by a junior system administrator and was subsequently wiped and re-imaged. When it was determined that the authorities would need to be involved, there was little evidence to present to the investigators. Which of the following procedures could have been implemented to aid the authorities in their investigation?
A system image should have been created and stored
23
If Organization A trusts Organization B and Organization B trusts Organization C, then Organization A trusts Organization C. Which of the following PKI concepts is this describing?
Transitive trust
24
In which of the following steps of incident response does a team analyze the incident and determine steps to prevent a future occurrence?
Lessons learned
25
Which of the following passwords is the LEAST complex?
Mytr@in!!
25
Which of the following concepts is used by digital signatures to ensure integrity of the data?
Hashing
26
A corporation has experienced several media leaks of proprietary data on various web forums. The posts were made during business hours and it is believed that the culprit is posting during work hours from a corporate machine. The Chief Information Officer (CIO) wants to scan internet traffic and keep records for later use in legal proceedings once the culprit is found. Which of the following provides the BEST solution?
Protocol analyzer
26
A CA is compromised and attackers start distributing maliciously signed software updates. Which of the following can be used to warn users about the malicious activity?
Certificate revocation list
27
It is important to staff who use email messaging to provide PII to others on a regular basis to have confidence that their messages are not intercepted or altered during transmission. They are concerned about which of the following types of security control?
Integrity
28
Which of the following should be performed to increase the availability of IP telephony by prioritizing traffic?
Quality of Service
29
Due to limited resources, a company must reduce their hardware budget while still maintaining availability. Which of the following would MOST likely help them achieve their objectives?
Virtualization
30
A security administrator notices large amounts of traffic within the network heading out to an external website. The website seems to be a fake bank site with a phone number that when called, asks for sensitive information. After further investigation, the security administrator notices that a fake link was sent to several users. This is an example of which of the following attacks?
Phishing
31
A security administrator is segregating all web-facing server traffic from the internal network and restricting it to a single interface on a firewall. Which of the following BEST describes this new network?
DMZ (demilitarized zone, sometimes referred to as a perimeter network)
32
Matt, a forensic analyst, wants to obtain the digital fingerprint for a given message. The message is 160-bits long. Which of the following hashing methods would Matt have to use to obtain this digital fingerprint?
SHA1(Secure Hash Algorithm)
33
An advantage of virtualizing servers, databases, and office applications is:
Centralized Management
33
Which of the following is a Data Loss Prevention (DLP) strategy and is MOST useful for securing data in use?
Endpoint protection
34
Which of the following is true about the recovery agent?
It can decrypt messages of users who lost their private key.
35
A network administrator is asked to send a large file containing PII to a business associate. Which of the following protocols is the BEST choice to use?
SFTP(Secure File Transfer Protocol)
36
A major security risk with co-mingling of hosts with different security requirements is:
Security policy violations
37
Prior to leaving for an extended vacation, Peter uses his mobile phone to take a picture of his family in the house living room. Peter posts the picture on a popular social media site together with the message: “Heading to our two weeks vacation to Italy.” Upon returning home, Peter discovers that the house was burglarized. Which of the following is the MOST likely reason the house was burglarized if nobody knew Peter’s home address?
The picture uploaded to the social media site was geo-tagged by the mobile phone.
38
A Security Operations Center was scanning a subnet for infections and found a contaminated machine. One of the administrators disabled the switch port that the machine was connected to, and informed a local technician of the infection. Which of the following steps did the administrator perform? (Select TWO). A. Escalation B. Identification C. Notification D. Quarantine E. Preparation
Notification & Quarantine
39
A recent OS patch caused an extended outage. It took the IT department several hours to uncover the cause of the issue because the system owner who installed the patch was out of the office. Which of the following could help reduce the likelihood of this situation occurring in the future?
Change management procedures
40
Which of the following devices is used for the transparent security inspection of network traffic by redirecting user packets prior to sending the packets to the intended destination?
Proxies
41
Which of the following would be used as a secure substitute for Telnet?
SSH(Secure Shell)
42
The act of magnetically erasing all of the data on a disk is known as:
Degaussing
43
An organization recently switched from a cloud-based email solution to an in-house email server. The firewall needs to be modified to allow for sending and receiving email. Which of the following ports should be open on the firewall to allow for email traffic? (Select THREE). A. TCP 22 B. TCP 23 C. TCP 25 D. TCP 53 E. TCP 110 F. TCP 143 G. TCP 445
TCP 25, TCP 110, TCP 143
44
Which of the following can a security administrator implement on mobile devices that will help prevent unwanted people from viewing the data if the device is left unattended?
Screen Lock
45
Which of the following is the below pseudo-code an example of? IF VARIABLE (CONTAINS NUMBERS = TRUE) THEN EXIT
Input validation
46
Encryption of data at rest is important for sensitive information because of which of the following?
Prevents data from being accessed following theft of physical equipment
47
A security technician needs to open ports on a firewall to allow for domain name resolution. Which of the following ports should be opened? (Select TWO). A. TCP 21 B. TCP 23 C. TCP 53 D. UDP 23 E. UDP 53
TCP 53, UDP 53
48
Which of the following is an advantage of implementing individual file encryption on a hard drive which already deploys full disk encryption?
Individually encrypted files will remain encrypted when copied to external media
49
Certificates are used for: (Select TWO). A. Client authentication. B. WEP encryption. C. Access control lists. D. Code signing. E. Password hashing.
Client Authentication, Code Signing
50
The information security team does a presentation on social media and advises the participants not to provide too much personal information on social media web sites. This advice would BEST protect people from which of the following?
Cognitive passwords attacks
51
An achievement in providing worldwide Internet security was the signing of certificates associated with which of the following protocols?
SSL(Secure Sockets Layer)
52
Which of the following concepts defines the requirement for data availability?
Disaster recovery planning
53
Which of the following ports and protocol types must be opened on a host with a host-based firewall to allow incoming SFTP connections?
22/TCP
54
An auditor is given access to a conference room to conduct an analysis. When they connect their laptop’s Ethernet cable into the wall jack, they are not able to get a connection to the Internet but have a link light. Which of the following is MOST likely causing this issue?
Network Access Control
55
Which of the following could cause a browser to display the message below? “The security certificate presented by this website was issued for a different website’s address.”
HTTPS://127.0.01 was used instead of HTTPS://localhost.
56
Employee badges are encoded with a private encryption key and specific personal information. The encoding is then used to provide access to the network. Which of the following describes this access control type?
Smartcard
57
Which of the following allows an organization to store a sensitive PKI component with a trusted third party?
Key escrow
58
Which of the following is an authentication and accounting service that uses TCP for connecting to routers and switches?
TACACS+
59
A user in the company is in charge of various financial roles but needs to prepare for an upcoming audit. They use the same account to access each financial system. Which of the following security controls will MOST likely be implemented within the company?
Separation of duties
60
Which of the following is an important implementation consideration when deploying a wireless network that uses a shared password?
Key length
61
A Chief Information Security Officer (CISO) wants to implement two-factor authentication within the company. Which of the following would fulfill the CISO’s requirements?
USB token and PIN
62
Which of the following is BEST utilized to identify common misconfigurations throughout the enterprise?
Vulnerability scanning
63
Which of the following is a requirement when implementing PKI if data loss is unacceptable?
Key escrow
64
Ann wants to send a file to Peter using PKI. Which of the following should Ann use in order to sign the file?
Ann’s private key
65
One of the most basic ways to protect the confidentiality of data on a laptop in the event the device is physically stolen is to implement which of the following?
Whole disk encryption with two-factor authentication
66
A company has recently implemented a high density wireless system by having a junior technician install two new access points for every access point already deployed. Users are now reporting random wireless disconnections and slow network connectivity. Which of the following is the MOST likely cause?
A site survey was not conducted
67
Which of the following preventative controls would be appropriate for responding to a directive to reduce the attack surface of a specific host?
Disabling unnecessary services
68
Peter analyzed the following log and determined the security team should implement which of the following as a mitigation method against further attempts? Host 192.168.1.123 [00: 00: 01]Successful Login: 015 192.168.1.123 : local [00: 00: 03]Unsuccessful Login: 022 214.34.56.006 : RDP 192.168.1.124 [00: 00: 04]UnSuccessful Login: 010 214.34.56.006 : RDP 192.168.1.124 [00: 00: 07]UnSuccessful Login: 007 214.34.56.006 : RDP 192.168.1.124 [00: 00: 08]UnSuccessful Login: 003 214.34.56.006 : RDP 192.168.1.124
Hardening
69
A company’s chief information officer (CIO) has analyzed the financial loss associated with the company’s database breach. They calculated that one single breach could cost the company $1,000,000 at a minimum. Which of the following documents is the CIO MOST likely updating?
Business impact analysis
70
Peter, the Chief Executive Officer (CEO) of a company, has increased his travel plans for the next two years to improve business relations. Which of the following would need to be in place in case something happens to Peter?
Succession planning
71
An administrator needs to secure a wireless network and restrict access based on the hardware address of the device. Which of the following solutions should be implemented?
Enable MAC filtering
72
Developers currently have access to update production servers without going through an approval process. Which of the following strategies would BEST mitigate this risk?
Change management
73
An administrator notices that former temporary employees’ accounts are still active on a domain. Which of the following can be implemented to increase security and prevent this from happening?
Run a last logon script to look for inactive accounts.
74
Which of the following is a best practice when securing a switch from physical access?
Disable unused ports
75
A network administrator wants to block both DNS requests and zone transfers coming from outside IP addresses. The company uses a firewall which implements an implicit allow and is currently configured with the following ACL applied to its external interface. PERMIT TCP ANY ANY 80 PERMIT TCP ANY ANY 443 Which of the following rules would accomplish this task? (Select TWO). A. Change the firewall default settings so that it implements an implicit deny B. Apply the current ACL to all interfaces of the firewall C. Remove the current ACL D. Add the following ACL at the top of the current ACL DENY TCP ANY ANY 53 E. Add the following ACL at the bottom of the current ACL DENY ICMP ANY ANY 53 F. Add the following ACL at the bottom of the current ACL DENY IP ANY ANY 53
Change the firewall default settings so that it implements an implicit deny, Add the following ACL at the bottom of the current ACL DENY IP ANY ANY 53
76
The process of making certain that an entity (operating system, application, etc.) is as secure as it can be is known as:
Hardening
77
An incident occurred when an outside attacker was able to gain access to network resources. During the incident response investigation, security logs indicated multiple failed login attempts for a network administrator. Which of the following controls, if in place, could have BEST prevented this successful attack?
Account lockout
78
Four weeks ago, a network administrator applied a new IDS and allowed it to gather baseline data. As rumors of a layoff began to spread, the IDS alerted the network administrator that access to sensitive client files had risen far above normal. Which of the following kinds of IDS is in use?
Anomaly based
79
To protect corporate data on removable media, a security policy should mandate that all removable devices use which of the following?
Full disk encryption
80
A user has unknowingly gone to a fraudulent site. The security analyst notices the following system change on the user’s host: Old ‘hosts’ file: 127.0.0.1 localhost New ‘hosts’ file: 127.0.0.1 localhost 5.5.5.5 www.comptia.com Which of the following attacks has taken place?
Pharming
81
Which of the following BEST explains Platform as a Service?
An external group providing operating systems installed on virtual servers with web applications
82
Which of the following MOST specifically defines the procedures to follow when scheduled system patching fails resulting in system outages?
Change management
83
Which of the following is used by the recipient of a digitally signed email to verify the identity of the sender?
Sender’s public key