Practice Test 5

Question 1

Your supervisor asked you to open the necessary ports for a ‘secure telnet’ What ports should you open?

A) TCP 21

B) TCP 22

C) UDP 23

D) TCP 69

Answer 1

TCP 22

Question 2

Which of the following options correctly describes SSO?

A) Allows a user to sign in to a subsystem, which grants access to multiple systems without logging in again

B) A protocol that safely encrypts plain text protocols

C) Requires a user to login to every system seperately

D) Will protect credit card information while surfing the web

Answer 2

Allows a user to sign in to a subsystem, which grants access to multiple systems without logging in again

Question 3

Which of the following options describes a zero-day attack?

A) A known attack, which has been patched and is no longer a threat

B) An attack that exploits an new or unknown vulnerability

C) A commonly known attack, which is still unpatched

D) A type of social attack, in which the attacker targets high level executives.

Answer 3

An attack that exploits an new or unknown vulnerability

Question 4

Which of the following ACL rules will deny DHCP traffic?

A) DENY ANY SERVER LOG

B) DENY TCP ANY SERVER LOG

C) ALLOW ALL BUT TCP 67

D) DENY UDP ANY SERVER EQ 67

Answer 4

DENY UDP ANY SERVER EQ 67

Question 5

What will best help you if you need to prevent cross-site scripting on your companies intranet webpage?

A) Anomaly HIDS

B) NIDS

C) SSL/HTTPS

D) Input Validation

Answer 5

Input Validation

Question 6

A malicious program that disguises itself as a legitimate program is known as a?

A) Virus

B) Spyware

C) Trojan Horse

D) Injection

Answer 6

Trojan Horse

Question 7

As a security administrator, you decide to force expiration of all user passwords. Which of the following best supports this reasoning?

A) Regular security measure to ensure a secure network

B) Recently several passwords were cracked

C) Ensures everyone meets password complexity requirements

D) Identify which users are actively logging into the network

Answer 7

Recently several passwords were cracked

Question 8

Your organization has a web server that must be accessible by external users. Which of the following options is the best location for the server?

A) Inside of a VPN

B) Inside of a DMZ

C) Behind the internal firewall

D) Inside of a VLAN

Answer 8

Inside of a DMZ

Question 9

Which of the following is the default port and protocol for HTTPS?

A) TCP 443

B) TCP 25

C) UDP 443

D) UDP 25

E) TCP 80

Answer 9

TCP 443

Question 10

What device will work best for servers that need to store private keys?

A) Hardware Security Module

B) SSD hard drive

C) host firewall

D) Network firewall

Answer 10

Hardware Security Module

Question 11

Which of the following is an example of a physical security measure?

A) Honeypot

B) Mantrap

C) HIDS

D) NIPS

Answer 11

Mantrap

Question 12

Select the answer that properly describes IPSec in tunnel mode:

A) Packet contents are encrypted, headers are not

B) Entire packet is encrypted and wrapped with new IP headers

C) IPSec encrypts packets using SSL, similar to SSH

D) IPSec is incompatible with OSPF WAN encryptions

Answer 12

Entire packet is encrypted and wrapped with new IP headers

Question 13

After a power outage, which of the following documents contains detailed information on the order in which the system should be restored?

A) Succession planning

B) Information Security Plan

C) Relief Planning

D) Disaster recovery Plan

Answer 13

Disaster recovery Plan

Question 14

Your supervisor asks you to implement a new KDC. Which of the following protocols is your supervisor planning to implement?

A) TACACS

B) Kerberos

C) LDAP

D) Radius

Answer 14

Kerberos

Question 15

Which answer properly describes the purpose of the CA role in Public Key Infrastructure?

A) To verify keys for authenticity

B) To sign key escrow lists to CRLs

C) To issue a certificate

D) To issue and signs all root certs

Answer 15

To issue a certificate

Question 16

A software test that does not examine the software’s code is known as what?

A) White Hat

B) Grey Box

C) Black Box

D) White Box

Answer 16

Black Box

Question 17

You are a network administrator for a large business. Recently, you’ve noticed a large amount of unusual traffic and you suspect they are SYN attacks. What choice will help you defend against these attacks?

A) VLAN

B) Implicit Deny

C) Flood guards

D) Spanning Tree Protocol

Answer 17

Flood guards

Question 18

The CEO of the company you work for has been receiving emails that appear to be from the local IT department. The emails address her user account, and instruct her to click a link in order to verify her password. Which type of attack is this?

A) Vishing

B) Phishing

C) Bluesnarfing

D) Whaling

Answer 18

Whaling

Question 19

You’re the admin of a large corporation’s production computer system, with many users. How often should you review and audit your users rights?

A) 5 years

B) After an employee is terminiated

C) Annually

D) Weekly

Answer 19

Annually

Question 20

What sort of attack uses information gained from social media to obtain access to a users login?

A) Cognitive Password Attack

B) Brute Force Attack

C) Birthday Attack

D) MD5 Hash Attack

Answer 20

Cognitive Password Attack