Q+A

Question 1

You want to use a more secure version of FTP for transferring files. What are two options?

Answer 1

SFTP and FTPS

Question 2

What is known as when traffic to a website is redirected to another illegitimate site?

Answer 2

Pharming

Question 3

In an attempt to gain access to discarded company documents, what social engineering attack would a person implement?

Answer 3

Dumpster Diving

Question 4

What is the more advanced replacement for RADIUS?

Answer 4

Diameter

Question 5

What port does TACACS+ use?

Answer 5

Port 49

Question 6

What port does SSH use?

Answer 6

Port 22

Question 7

What port does TFTP use?

Answer 7

Port 69

Question 8

You surmise that a user;s session was interrupted by an attacker who inserted malicious code into the network traffic. What attack has occurred?

Answer 8

Man-in-the-middle (MITM)

Question 9

What algorithm depends on the inability to factor large prime numbers?

Answer 9

RSA (Rivest, Shamir, Adleman)

Question 10

Greg needs to centralize the authentication of multiple networking systems against a single user database. What is he trying to implement?

Answer 10

Single sign-on (SSO)

Question 11

What fire extinguisher should be used to put out metal fires suck as the kind created by magnesium or titanium?

Answer 11

Class D

Question 12

What protocol uses port 443?

Answer 12

HTTPS (SSL and TLS)

Question 13

You work as a network admin for your organization and use a tool to capture ICMP, HTTP, and FTP, and other packets of information. Which tool should you use.

Answer 13

Protocol Analyzer

Question 14

You are in charge of recycling computers. Some of the computers have hard drives that contain personally identifiable information (PII). what should be done to the hard drive before it is recycled.

Answer 14

The hard drive should be sanitized.

Question 15

What port and transport mechanism does TFTP use by default?

Answer 15

69 and UDP

Question 16

A user receives an encrypted message that was encrypted using asymmetric cryptography. What does this recipient deed to decrypt the messagae

Answer 16

Recipient’s private key

Question 17

What tool should you use to identify network spike activity?

Answer 17

Protocol Analyzer

Question 18

One of your database servers is mission-critical. You cannot afford any downtime. What is the best item to ensure minimal downtime of the server and ensure fault tolerance of the data stored on the database server?

Answer 18

RAID (Redundant Array of Inexpensive Disks)

Question 19

You get an automated call from what appears to be your bank. The recording asks you to state your name and birthday and enter you account number to validate your identity. what type of attack has been perpetuated against you.

Answer 19

Vishing

Question 20

Which network authentication protocol uses symmetric key cryptography, stores a shared key for each network resource and uses a Key Distribution Center (KDC)?

Answer 20

Kerberos

Question 21

What port does PPTP use?

Answer 21

Port 1723

Question 22

Which service uses port 49?

Answer 22

Terminal Access Controller Accesses-Control System Plus (TACACS+)

Question 23

What port does RDP use?

Answer 23

port 3389

Question 24

What port does L2TP use?

Answer 24

Port 1701

Question 25

What kid of threat is a virus designed to format a computer’s hard drive on a specific calendar day?

Answer 25

Logic Bomb

Question 26

What port does Kerberos use?

Answer 26

Port 88

Question 27

What is a hardware chip that stores encrypted keys and resided on a motherboard?

Answer 27

Trusted platform module (TMP)

Question 28

What protocol uses port 22?

Answer 28

SSH (also SCP and SFTP)

Question 29

What port does DNS use?

Answer 29

Port 53

Question 30

An attacker uses a method that is meant to obtain information from a specific person. what type of attack is this?

Answer 30

Spear Phishing

Question 31

Your organization has several logins necessary to gain access to several different sets of resources. what access control method could be used to solve this problem.

Answer 31

Single Sign-on (SSO)

Question 32

What should you be most concerned with when transferring evidence?

Answer 32

Chain of Custody

Question 33

Which type of cable doesn’t suffer from EMI?

Answer 33

Fiber optic

Question 34

What is an area of the network infrastructure that enables a person to put public-facing systems into it without compromising the entire infrastructure?

Answer 34

DMZ (demilitarized zone)

Question 35

Your high-tech server room needs a quality fire suppression system. What is the most appropriate type of fire suppression system to install?

Answer 35

Gaseous fire suppression

Question 36

What port and transport mechanism protocol must be opened on a firewall to allow incoming SFTP connections?

Answer 36

22 and TCP

Question 37

What grouping of computers is used to start a DDoS attack?

Answer 37

Botnet

Question 38

You have been commissioned by a customer to implement a network access controlmodel that limits remote users network usage during normal business hours only. You create one policy that applies to all the remote users. What access control model are you using

Answer 38

Role-based access control (RBAC)

Question 39

You’re designing security for an application into it. You need to ensure that all task relating to the transfer of money you require actions by more than one user through a series of checks and balances. What access control methods should use injure?

Answer 39

Separation of duties

Question 40

One where does the telnet use?

Answer 40

Port 23

Question 41

What kind of attack would a flood guard protect from?

Answer 41

SYN attack

Question 42

What what does SFTP use ?

Answer 42

Port 22

Question 43

You have implemented an X.509 PKI. One of the private keys has been compromised before the certificate’s regular expiration date. What should you do?

Answer 43

Revoke the certificate

Question 44

What will stop network traffic when the traffic is not identified in the firewall rules set

Answer 44

Implicit deny

Question 45

Allison wishes to send a file to bob using a PKI. What type of key and Alice used he signed a file?

Answer 45

Alice’s private key

Question 46

Thumb drives can be used to compromise systems and enabled unauthorized access. in this scenario, what kind of malware was most likely installed on the thumb drive

Answer 46

Trojan

Question 47

You have been contracted to determine if network activity spikes are related to an attempt by an attacker to breach the network. The customer wants you to identify when the activity of occurs and what type of network traffic clauses the activity what type of schools should you use

Answer 47

Protocol analyzer

Question 48

Your boss has instructed you to shred some confidential documents. What threat does this mitigate?

Answer 48

Dumpster diving

Question 49

What port does FTPS use?

Answer 49

Port 989 (and 990).

Question 50

A proximity card is an example of something a user________________.

Answer 50

Has

Question 51

You have collected login information, file access information, security log files, and unauthorized security violations. What is this collection known as?

Answer 51

Audit trail

Question 52

A password would be characterized as something a user___________.

Answer 52

Knows

Question 53

You perform several wardriving routes in your company’s campus and take note of the large number on of unauthorized devices. What are these devices?

Answer 53

Rogue access points

Question 54

Users on your network or identified with tickets. What system is being used?

Answer 54

kerberos

Question 55

NTLM is an improved version of what?

Answer 55

LANMAN

Question 56

A virus is designed to format a hard drive on a specific day. What kind of threat is this?

Answer 56

Logic bomb

Question 57

Voice recognition is an example of something a user _______________.

Answer 57

does

Question 58

Besides applying patches, what is the most important aspect of hardening and operating system.?

Answer 58

Disabling unnecessary services

Question 59

Users are required to login to the network. They use the smartcard to do so. What type of key does the smartcard use to login to the network.?

Answer 59

Private key

Question 60

You want to secure down a passing between two points on an IP Network. What method should you use to protect from all but the most sophisticated APT’s?

Answer 60

Transport encryption

Question 61

Mantraps can be used to prevent what type of social engineering attack?

Answer 61

Tailgating

Question 62

What is it when an application accepts more input and it was originally expecting?

Answer 62

Buffer overflow

Question 63

Your organization implement a policy in which accounting staff needs to be crossed trained in various banking software to detect possible fraud. What is this an example of?

Answer 63

Job rotation

Question 64

Which attack is best described as an attacker capturing part of the communication, and then later sending some or all that communication to a server while pretending to be the original client?

Answer 64

Replay attack

Question 65

What work is SNMP use?

Answer 65

Port 161 (and 162).

Question 66

What port is required by an E commerce website server running SSL?

Answer 66

Port 443 (inbound).

Question 67

Which inbound port must be opened on a server to a allow the user to log in remotely?

Answer 67

3389

Question 68

What port does syslog use?

Answer 68

Port 514.

Question 69

What are Bcrypt and PBKDF2 examples of?

Answer 69

Key lengthening software.

Question 70

You look through some graphic files and discover that confidential information has been encoded into the files. These files are being sent to a sister company outside your organization. What is this an example of?

Answer 70

steganography

Question 71

You check the application log of your web server and see that someone attempted unsuccessfully to enter the text test; etc/password into an HTML form fields. What attack was attempted?

Answer 71

Command injection

Question 72

Your boss has asked you to reduce an AP’s Power setting, and place the AP in the center of your building. What reconnaissance method is your boss trying to prevent?

Answer 72

Wardriving

Question 73

You scan the network and find a counterfeit access point that is using the same SSID as an already existing access point. What is this an example of?

Answer 73

Evil twin.

Question 74

What is it known as when resources that are not given access are denied default?

Answer 74

Implicit deny

Question 75

One of your users complains that files are being randomly renamed and deleted. The last action the user talk was to download and install a new screen saver on the computer. The user says that the file activity started immediately after installation of the screen saver what would be the best description for the screensaver?

Answer 75

Trojan horse

Question 76

The IT director asks you to protect the server’s data from unauthorized access and disclosure. What is this an example of?

Answer 76

Confidentiality

Question 77

What programming technique can stop buffer overflow attacks?

Answer 77

Input validation.

Question 78

Your organization uses a type of cryptography that provides that security but uses smaller key sizes and utilizes logarithms that are calculated against a finite field. What type of cryptography does your organization use ?

Answer 78

Elliptic curve.

Question 79

What is used to validate whether trust is in place and accurate by returning responses of: “good”, “unknown”, or “revoked”?

Answer 79

Online Certificates Status Protocol (OCSP).

Question 80

What protocol uses port 19?

Answer 80

CHARGEN

Question 81

You’ve completed the deployment of PKI with a new organization’s network. Legally you’re required to implement a way to provide description keys to a governmental third party on an as needed basis. What should you implement?

Answer 81

Key escrow.

Question 82

You’re the security of Administrator for the company ABC Accouning, inc. The IT director has given rights to you allowing you to review logs and update Network Devices only. Other rights are given out to the network administrators for the areas that fall within their job description. What kind of access control is this?

Answer 82

Least privilege.

Question 83

Your LAN is isolated from the Internet by a perimeter network. You suspect that someone is trying to gather information about your LAN. The IT director asks you to gather as much information about the attacker as possible while preventing the attacker from knowing that the attempts has been detected. What is the best method to accomplish this?

Answer 83

Deploy a honeypot in the perimeter network.

Question 84

What port does RADIUS use?

Answer 84

Port 1812 (and 1813).

Question 85

The security company you work for has been contracted to discern the security level of a software application. The company building the application has given you the login details, production documentation, a test environment, and the source code. That testing type is present?

Answer 85

White-box testing

Question 86

You notice that a computer is communicating with an unknown IRC server, and it is also scanning older systems on your network. What threat have you discovered?

Answer 86

Botnet

Question 87

What transport protocol and port number does Secure Shell use?

Answer 87

TCP (Transmission Control Protocol) Port 22

Question 88

You and several others in the IT team are deciding on an access control model. The IT director wants to implement the strictest access control model available, ensuring that data is kept as secure as possible. What access control model should you and your IT team use?

Answer 88

Mandatory Access Control

Question 89

What is software designed to gain admin-level control over a computer system?

Answer 89

Rootkit

Question 90

What port does LDAP over TLS/SSL use?

Answer 90

Port 636

Question 91

What port does LDAP use?

Answer 91

Port 389

Question 92

What enables an attacker to hide the presence of malicious code by altering its Registry entries?

Answer 92

Rootkit

Question 93

What protocol uses port 53?

Answer 93

DNS

Question 94

What port does SSL use?

Answer 94

Port 443

Question 95

You investigate an executive’s laptop to find a system-level kernel module that is modifying the operating system’s functions. What is this an example of?

Answer 95

Rootkit

Question 96

What is the service provided by message authentication code?

Answer 96

Integrity

Question 97

A fingerprint is an example of something a user _________.

Answer 97

is

Question 98

What protocol uses port 514?

Answer 98

Syslog

Question 99

What protocol makes use of a supplicant authenticator, and authentication server?

Answer 99

802.1X

Question 100

What social engineering attack relies on impersonation in an attempt to gain personal information?

Answer 100

Phishing