Practice Test 5 Flashcards
Your supervisor asked you to open the necessary ports for a ‘secure telnet’ What ports should you open?
A) TCP 21
B) TCP 22
C) UDP 23
D) TCP 69
TCP 22
Which of the following options correctly describes SSO?
A) Allows a user to sign in to a subsystem, which grants access to multiple systems without logging in again
B) A protocol that safely encrypts plain text protocols
C) Requires a user to login to every system seperately
D) Will protect credit card information while surfing the web
Allows a user to sign in to a subsystem, which grants access to multiple systems without logging in again
Which of the following options describes a zero-day attack?
A) A known attack, which has been patched and is no longer a threat
B) An attack that exploits an new or unknown vulnerability
C) A commonly known attack, which is still unpatched
D) A type of social attack, in which the attacker targets high level executives.
An attack that exploits an new or unknown vulnerability
Which of the following ACL rules will deny DHCP traffic?
A) DENY ANY SERVER LOG
B) DENY TCP ANY SERVER LOG
C) ALLOW ALL BUT TCP 67
D) DENY UDP ANY SERVER EQ 67
DENY UDP ANY SERVER EQ 67
What will best help you if you need to prevent cross-site scripting on your companies intranet webpage?
A) Anomaly HIDS
B) NIDS
C) SSL/HTTPS
D) Input Validation
Input Validation
A malicious program that disguises itself as a legitimate program is known as a?
A) Virus
B) Spyware
C) Trojan Horse
D) Injection
Trojan Horse
As a security administrator, you decide to force expiration of all user passwords. Which of the following best supports this reasoning?
A) Regular security measure to ensure a secure network
B) Recently several passwords were cracked
C) Ensures everyone meets password complexity requirements
D) Identify which users are actively logging into the network
Recently several passwords were cracked
Your organization has a web server that must be accessible by external users. Which of the following options is the best location for the server?
A) Inside of a VPN
B) Inside of a DMZ
C) Behind the internal firewall
D) Inside of a VLAN
Inside of a DMZ
Which of the following is the default port and protocol for HTTPS?
A) TCP 443
B) TCP 25
C) UDP 443
D) UDP 25
E) TCP 80
TCP 443
What device will work best for servers that need to store private keys?
A) Hardware Security Module
B) SSD hard drive
C) host firewall
D) Network firewall
Hardware Security Module
Which of the following is an example of a physical security measure?
A) Honeypot
B) Mantrap
C) HIDS
D) NIPS
Mantrap
Select the answer that properly describes IPSec in tunnel mode:
A) Packet contents are encrypted, headers are not
B) Entire packet is encrypted and wrapped with new IP headers
C) IPSec encrypts packets using SSL, similar to SSH
D) IPSec is incompatible with OSPF WAN encryptions
Entire packet is encrypted and wrapped with new IP headers
After a power outage, which of the following documents contains detailed information on the order in which the system should be restored?
A) Succession planning
B) Information Security Plan
C) Relief Planning
D) Disaster recovery Plan
Disaster recovery Plan
Your supervisor asks you to implement a new KDC. Which of the following protocols is your supervisor planning to implement?
A) TACACS
B) Kerberos
C) LDAP
D) Radius
Kerberos
Which answer properly describes the purpose of the CA role in Public Key Infrastructure?
A) To verify keys for authenticity
B) To sign key escrow lists to CRLs
C) To issue a certificate
D) To issue and signs all root certs
To issue a certificate
